Akamai Credential Stuffing Report Shows Financial Services Industry Under Constant Attack From Automated Account Takeover Tools

Latest State of the Internet / Security data reveals worldwide malicious login attempts are on the rise; report cites more than 8.3 billion detected by Akamai in recent two-month period alone

Cambridge, MA |

According to the Akamai 2018 State of the Internet / Security Credential Stuffing Attacks report, worldwide malicious login attempts are on the rise. Findings from the report show that Akamai detected approximately 3.2 billion malicious logins per month from January through April 2018, and over 8.3 billion malicious login attempts from bots in May and June 2018 – a monthly average increase of 30 percent. In total, from the beginning of November 2017 through the end of June 2018, Akamai researcher analysis shows more than 30 billion malicious login attempts during the eight-month period.

Malicious login attempts result from credential stuffing, where hackers systematically use botnets to try stolen login information across the web. They target login pages for banks and retailers on the premise that many customers use the same login credentials for multiple services and accounts. Credential stuffing can cost organizations millions to tens of millions of dollars in fraud losses annually, according to the Ponemon Institute’s “The Cost of Credential Stuffing” report.

Akamai security and threat research plus behavioral detections power the company’s bot management technology, and Akamai’s Vice President of Web Security, Josh Shaul, shared an example of combating credential abuse on behalf of a customer. “One of the world’s largest financial services companies was experiencing over 8,000 account takeovers per month, which led to more than $100,000 per day in direct fraud-related losses,” said Shaul. “The company turned to Akamai to put behavioral-based bot detections in front of every consumer login endpoint and immediately saw a drastic reduction in account takeovers to just one to three per month and fraud-related losses down to only $1,000 to $2,000 per day.”

In addition, the State of the Internet report details two instances where Akamai combatted credential stuffing attempts for clients, demonstrating the severity of the method.

In the first case, the report recounts the issues faced by a Fortune 500 financial services institution where attackers used a botnet to conduct 8.5 million malicious login attempts within 48 hours against a site that typically only sees seven million login attempts in a week. More than 20,000 devices were involved in this botnet, which was capable of sending hundreds of requests a minute. Akamai research identified that nearly one-third of the traffic in this particular attack was generated from Vietnam and the United States.

The second real-world example from the report illustrates a “low and slow” type of attack identified at a credit union earlier this year. This financial institution saw a large spike in malicious login attempts, which ultimately revealed a trio of botnets targeting its site. While a particularly noisy botnet caught their attention, the discovery of a botnet that had been very slowly and methodically trying to break in created a much bigger concern.

“Our research shows that the people carrying out credential stuffing attacks are continuously evolving their arsenal. They vary their methodologies, from noisier, volume-based attacks, through stealth-like ‘low and slow’-style attacks,” said Martin McKeay, Senior Security Advocate at Akamai and Lead Author of the State of the Internet / Security report. “It’s especially alarming when we see multiple attacks simultaneously affecting a single target. Without specific expertise and tools needed to defend against these blended, multi-headed campaigns, organizations can easily miss some of the most dangerous credential attacks.”

A complimentary copy of the 2018 State of the Internet / Security Credential Stuffing Attacks report is available for download here. For additional information about the rise of credential stuffing challenges and ways to protect your organization against them, visit here.

Methodology

The Akamai 2018 State of the Internet / Security Credential Stuffing Attacks combines attack data from across Akamai’s global infrastructure and represents the research of a diverse set of teams throughout the company. The report provides analysis of the current cloud security and threat landscape, as well as insight into attack trends using data gathered from the Akamai Intelligent Platform. The contributors to the State of the Internet / Security Report include security professionals from across Akamai, including the Security Intelligence Response Team (SIRT), the Threat Research Unit, Information Security, and the Custom Analytics group.

Akamai について

Akamai は世界で最も信頼された世界最大のクラウド配信プラットフォームを提供しています。使用するデバイス、時間、場所を問わず、お客様が安全性に優れた最高のデジタル体験を提供できるようにサポートします。Akamai の大規模な分散型プラットフォームは、世界 130 か国に 20 万台を超えるサーバーを擁する比類のない規模を誇り、お客様に優れたパフォーマンスと脅威からの保護を提供しています。Akamai のポートフォリオに含まれる、ウェブおよびモバイルパフォーマンス、クラウドセキュリティ、エンタープライズアクセス、動画配信の各ソリューションは、卓越した顧客サービスと 24 時間体制の監視によりサポートされています。大手金融機関、EC リーダー企業をはじめ、メディアおよびエンターテイメントプロバイダー、政府機関が Akamai を信頼する理由について、www.akamai.com/jp/ja/ または blogs.akamai.com/jp/ および Twitter@Akamai_JP で詳細をご紹介しています。

※アカマイとアカマイ・ロゴは、アカマイ・テクノロジーズ・インクの商標または登録商標です
※その他、記載されている会社名ならびに製品名は、各社の商標または登録商標です
※本プレスリリースの内容は、個別の事例に基づくものであり、個々の状況により変動しうるものです