Media industry targeted in 17 mn credential stuffing attacks in 2 years: Akamai

The media industry faced 17 million credential stuffing attacks between January 2018 and December 2019, as per a study.

The industry faced 20% of the overall 88 billion credential stuffing attacks observed during the period, with a 7,000% increase in attacks on published content, such as newspapers, books and magazines, a report by Cambridge, Massachusetts-based cloud security firm Akamai showed.

A credential stuffing attack refers to one where stolen credentials, such as usernames, email addresses and passwords, are used to gain access to user accounts on a large scale automated login basis.

Read: Over a third of firms in Asia Pacific-Japan region seek better data protection: Dell

At 2.4 billion, India recorded the highest number of such attacks in 2019, while most of the attacks in 2019 originated in the US at 1.1 billion, a 162% jump compared to 2018, the Akamai 2020 State of the Internet/Credential Stuffing in the Media Industry report said.

The US recorded the second largest number of stuffing credential attacks at 1.4 billion, followed by the UK at 124 million, it said.

Additionally, broadcast TV and video sites witnessed a 630% and 208% year-over-year increase in the attacks, respectively. While attacks against video services went up 98%, overall attacks in the video media sector rose 63%. The increase could be attributed to the need for on-demand media content in 2019, the report said.

Read: External attacks on cloud accounts surge 630% between Jan and April: McAfee

Password sharing and recycling are easily the two largest contributing factors in credential stuffing attacks, Steve Ragan, security researcher at Akamai and the author of the report, said.

“While educating consumers on good credential hygiene is critical to combating these attacks, it’s up to businesses to deploy stronger authentication methods and identify the right mix of technology, policies and expertise that can help protect customers,” Ragan added.