Akamai SOTI report: financial services industry under constant attack from automated tools

Credential stuffing is stuffing up the financial services industry, with constant attacks and malicious login attempts on the rise, and 8.3 billion detected in a recent two-month period alone.

Akamai's State of the Internet reports are well known and anticipated for their treasure troves of up-to-date information, and the latest is the detailed 18-page "Akamai 2018 State of the Internet / Security Credential Stuffing Attacks report", now up to Volume 4, Issue 4.

You can freely download the report here after free registration. 

So, what does the latest report reveal?

Well, we start with the claim that "worldwide malicious login attempts are on the rise".

"Findings from the report show that Akamai detected approximately 3.2 billion malicious logins per month from January through April 2018, and over 8.3 billion malicious login attempts from bots in May and June 2018 – a monthly average increase of 30%.

"In total, from the beginning of November 2017 through the end of June 2018, Akamai researcher analysis shows more than 30 billion malicious login attempts during the eight-month period."

Akamai explains that "malicious login attempts result from credential stuffing, where hackers systematically use botnets to try stolen login information across the Web.

"They target login pages for banks and retailers on the premise that many customers use the same login credentials for multiple services and accounts. Credential stuffing can cost organisations millions to tens of millions of dollars in fraud losses annually, according to the Ponemon Institute’s “The Cost of Credential Stuffing” report."

Akamai security and threat research plus behavioural detections power the company’s bot management technology, and Akamai’s Vice President of Web Security, Josh Shaul, shared an example of combating credential abuse on behalf of a customer.

Shaul said: “One of the world’s largest financial services companies was experiencing over 8,000 account takeovers per month, which led to more than $100,000 per day in direct fraud-related losses.

“The company turned to Akamai to put behavioural-based bot detections in front of every consumer login endpoint and immediately saw a drastic reduction in account takeovers to just one to three per month and fraud-related losses down to only $1,000 to $2,000 per day.”

Fernando Serto, Akamai's head of Security Technology and Strategy APJ, also commented with a local perspective, stating: “Credential stuffing attacks continue to impact Australian organisations.

"Financial institutions are the most susceptible to these types of attacks as many customers will use the same login credentials for many different accounts and services. Credentials and personal details are a gold mine for cyber criminals.

"If the login credentials for a user are compromised on one platform, it's likely cyber criminals will have access to a majority of their other accounts, with financial institutions at the highest risk.

"The cyber security industry needs to continue to educate organisations on their responsibilities for preserving a strong cyber security posture to avoid any details being compromised.”

Akamai also said it "identified tensions between the Web experience team and cyber security teams – 70% of survey respondents believe the tools used to defend against credential stuffing attacks diminish the customer experience of legitimate users, creating debate around which one is more important – customer experience or cyber security.

"In addition, the State of the Internet report details two instances where Akamai combatted credential stuffing attempts for clients, demonstrating the severity of the method.

"In the first case, the report recounts the issues faced by a Fortune 500 financial services institution where attackers used a botnet to conduct 8.5 million malicious login attempts within 48 hours against a site that typically only sees seven million login attempts in a week.

"More than 20,000 devices were involved in this botnet, which was capable of sending hundreds of requests a minute. Akamai research identified that nearly one-third of the traffic in this particular attack was generated from Vietnam and the US.

"The second real-world example from the report illustrates a “low and slow” type of attack identified at a credit union earlier this year. This financial institution saw a large spike in malicious login attempts, which ultimately revealed a trio of botnets targeting its site.

"While a particularly noisy botnet caught their attention, the discovery of a botnet that had been very slowly and methodically trying to break in created a much bigger concern."

Martin McKeay, senior security advocate at Akamai and lead author of the report, said: "Our research shows that the people carrying out credential stuffing attacks are continuously evolving their arsenal. They vary their methodologies, from noisier, volume-based attacks, through stealth-like ‘low and slow’-style attacks.

“It’s especially alarming when we see multiple attacks simultaneously affecting a single target. Without specific expertise and tools needed to defend against these blended, multi-headed campaigns, organisations can easily miss some of the most dangerous credential attacks.”
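The report's two case studies, a high-volume burst and a "low and slow" campaign, call for different detection signals. The following is an added example, not code from Akamai or the report: it assumes login events of the form (epoch seconds, source IP, username, success flag), and the function names, thresholds and sample data are constructed for illustration.

```python
from collections import Counter, defaultdict

def classify_sources(events, burst_per_min=30, min_users=10, max_success=0.1):
    """events: iterable of (epoch_seconds, source_ip, username, succeeded)."""
    per_minute = defaultdict(Counter)   # ip -> minute bucket -> attempts
    users = defaultdict(set)            # ip -> distinct usernames tried
    total, ok = Counter(), Counter()
    for ts, ip, user, succeeded in events:
        per_minute[ip][ts // 60] += 1
        users[ip].add(user)
        total[ip] += 1
        ok[ip] += bool(succeeded)
    verdicts = {}
    for ip in total:
        # Volume signal: a burst of attempts inside any single minute
        if max(per_minute[ip].values()) >= burst_per_min:
            verdicts[ip] = "noisy"
        # Slow signal: many different accounts tried, almost none succeed
        elif len(users[ip]) >= min_users and ok[ip] / total[ip] <= max_success:
            verdicts[ip] = "low_and_slow"
    return verdicts

def sample_events():
    """Constructed sample data; addresses are from documentation ranges."""
    ev = []
    # Volume attack: 120 attempts in two minutes, a new username each time
    ev += [(i, "203.0.113.10", f"user{i}", False) for i in range(120)]
    # Low and slow: one attempt every 10 minutes for a day, one lucky hit
    ev += [(i * 600, "198.51.100.7", f"acct{i}", i == 50) for i in range(144)]
    # Customer who mistypes a password twice, then logs in
    ev += [(100, "192.0.2.55", "alice", False),
           (130, "192.0.2.55", "alice", False),
           (160, "192.0.2.55", "alice", True)]
    # Office NAT: many users behind one address, all logins succeed
    ev += [(i * 300, "192.0.2.80", f"staff{i}", True) for i in range(12)]
    return ev

if __name__ == "__main__":
    for ip, verdict in classify_sources(sample_events()).items():
        print(ip, verdict)
```

A per-minute rate limit alone catches only the first source; the slow one shows up only through the number of distinct accounts tried and the near-zero success ratio over a long window. When attempts are spread across many devices, as in the 20,000-device botnet above, the same counters would need to be keyed on something broader than a single IP address.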

You can download a free copy of the 2018 State of the Internet / Security Credential Stuffing Attacks report here

Akamai offers additional information about the rise of credential stuffing challenges and ways to protect your organisation against them here

Report methodology

Akamai said its latest report "combines attack data from across Akamai’s global infrastructure and represents the research of a diverse set of teams throughout the company. The report provides analysis of the current cloud security and threat landscape, as well as insight into attack trends using data gathered from the Akamai Intelligent Platform.

"The contributors to the State of the Internet / Security Report include security professionals from across Akamai, including the Security Intelligence Response Team (SIRT), the Threat Research Unit, Information Security, and the Custom Analytics group."


Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

 
