Financial services sector hit with more credential stuffing attacks
About 3.4 billion credential stuffing attacks were aimed at the financial services sector globally last year, an increase of 45% from 2019, according to a new report from Akamai Technologies.
Globally there were 193 billion such attacks last year, the firm says in its annual State of the Internet/Security report.
Credential stuffing is a type of cyber attack where perpetrators use lists of compromised user credentials to hack into a system. The attack uses bots for automation and scale and is based on the assumption that many users reuse usernames and passwords across multiple services.
Akamai says passwords have always been a weak link in the security chain, and criminals won’t hesitate to exploit that weakness.
“Looking back at the year, all of these instances can be linked to events happening in the criminal economy at the time,” the report said.
“Millions of new usernames and passwords, tied to several notable incidents in Q1 and Q2 of 2020, as well as some in Q3, started circulating among criminals on several forums.
“Once these compromised credentials were in circulation, they were sorted and tested against brands across the internet, including several financial institutions.”
Akamai says in Australia and New Zealand, there has been a marked increase in the number of automated application-layer attacks targeting insurers.
These attacks are designed to scrape organisational data, or worse still, to utilise stolen credentials for the purpose of fraudulently accessing customer data and accounts directly.
“It is increasingly common to see the same bots attacking Australian and New Zealand insurers as other insurance organisations in the region, and globally,” Regional Manager Financial Services James Richmond told insuranceNEWS.com.au.
He says insurers are also being targeted by phishing and malware attacks focused on employee, contractor, and third-party credential abuse and fraud.
Australian insurers are responding to the escalating threat, actively exploring more advanced solution options to combat the danger, while ensuring their remote employees’ productivity and ease of systems access are not sacrificed.
He says insurers in Australia are very proactive when it comes to risk management.
“Security teams at Australian insurance companies, and in financial services more broadly, continue to collaborate and communicate with each other effectively, which helps protect the industry against common threats,” Mr Richmond said.
“This is a critical part of Australian financial services’ defensive ecosystem, because as long as one insurer is vulnerable, cyber criminals will continue to target other companies in the sector.”
The report says the financial services sector also saw a record 63.56 million credential abuse attacks globally. Credential abuse is a byproduct of phishing, often carried out with the aim of taking over an account.
According to the report, phishing is now a turnkey business, even offered as a hosted solution for criminals who wish to leverage phishing-as-a-service developments.
SMS phishing in particular has emerged as a global problem. As the mobile text messaging service remains widely used, perpetrators see an opportunity to exploit it to trick unsuspecting users.
The perpetrators do it by inundating users’ phones with phishing messages impersonating banks, entertainment channels, package delivery services online retailers and others.
“While mobile users are progressively more aware of malicious messages on email and social networks, many inherently trust texts, and threat actors have ample opportunity to exploit this dynamic,” the report said.
“To preserve the integrity of the text message medium and to protect the user experience, everyone needs to understand this growing threat while working to guard against its proliferation.”
Click here for the report.