Bot-Driven Credential Stuffing Hits New Heights

Written by

More than 40% of global log-in attempts are malicious thanks to bot-driven credential stuffing attacks, according to the latest report from Akamai.

The cloud delivery provider’s latest State of the Internet/Security report for Q4 2017 comprised analysis from over 7.3 trillion bot requests per month.

It claimed that such requests account for over 30% of all web traffic across its platform per day, excluding video streaming. However, malicious activity has seen a sharp increase, as cyber-criminals look to switch botnets from DDoS attacks to using stolen credentials to try to access online accounts.

Of the 17 billion login requests Akamai tracked in November and December, over two-fifths (43%) were used for credential abuse. The figure rose to a staggering 82% for the hospitality industry.

The stats chime with similar data from fraud prevention specialist ThreatMetrix, which claimed in its latest Cybercrime report for Q4 2017 that there were 34 million bot attacks during the peak festive shopping period, rising to 800 million for the quarter.

It said that for some businesses bot activity can make up as much as 90% of their daily traffic.

Akamai claimed that credential stuffing can cost businesses up to $2.7m annually.

“Increased automation and data mining have caused a massive flood of bot traffic to impact websites and internet services. Although most of that traffic is useful for internet businesses, cyber-criminals are looking to manipulate the powerful volume of bots for nefarious gains,” said Akamai senior security advocate, Martin McKeay.

“Enterprises need to watch who is accessing their sites to differentiate actual humans from both legitimate and malicious bots. Not all web traffic and not all bots are created equal.”

Elsewhere in the report, the firm revealed a major increase in the volume of DDoS attacks on financial services firms: 37 organizations experienced 298 attacks during the quarter.

The UK is now the third most targeted country for web app attacks, up one place from the previous quarter, and the ninth biggest attack source.

What’s hot on Infosecurity Magazine?