Security

How credential stuffing contributed to 8.3B malicious botnet logins in early 2018

Malicious login attempts from bots increased by by almost 2 billion from April to May 2018. Here's who is at risk.

Nearly 300,000 malicious login attempts by one type of botnet occur every hour, according to Akamai's 2018 State of the Internet report on Wednesday. The specific attack vector the study focuses on is credential stuffing, a cyberattack in which botnets try to log into a site and steal a person's identity, information, or money.

Credential stuffing attacks have been on the rise this year, according to the report. Akamai found 8.3 billion malicious login attempts from bots between May and June 2018, a sharp increase from 6.4 billion in March and April 2018.

SEE: Malicious AI: A guide for IT leaders (Tech Pro Research)

The US, Russia, and Vietnam are the biggest sources of credential stuffing botnet attacks, said the report, and the finance industry is being targeted the most often. However, most companies don't realize an attack has happened until it is too late

Some 40% of finance organizations don't have a designated person or department prepared to address credential attacks, said the report. Most companies choose not to think about credential stuffing until they have to, whether it be an unprecedented spike in traffic, or thousands of dollars gone, added the report. Botnets are becoming pros at staying under the radar, however, meaning they have more time to attack before being noticed.

Credential stuffing attacks are advancing, forcing people to use specialized tools to detect them, said the report. However, many companies aren't putting in the protocols, time, or technology necessary. The negligence results in enterprises losing both credibility and profit, according to the report.

Attacks don't always happen under the radar, though. Akamai studied a Fortune 500 financial services institution that suffered a brute force, massive botnet attack. The company saw login attempts jump from an average of 50,000 logins an hour to over 350,000 in one afternoon, said the report. The normal daily peak login for that company was 100,000, meaning that at least 250,000 were malicious attempts.

Companies must stay vigilant and protect themselves against credential stuffing. Check out this TechRepublic article to strategies for avoiding credential stuffing attacks.

The big takeaways for tech leaders:

  • Credential stuffing botnet attacks caused a massive uptick in malicious login attempts between May and June 2018. — Akamai, 2018
  • The financial services industry is being targeted most, with botnets attempting to steal identities, funds, and goods. — Akamai, 2018

Also see

stuffing.jpg
Image: iStockphoto/scyther5

About Macy Bayern

Macy Bayern is an Associate Staff Writer for TechRepublic. A recent graduate from the University of Texas at Austin's Liberal Arts Honors Program, Macy covers tech news and trends.

Editor's Picks

Free Newsletters, In your Inbox