Credential stuffing attacks accounted for the greatest volume of security incidents against the financial sector, at 41 percent of all incidents in the past three years, according to a private industry notification from the FBI.
“When customers and employees use the same email and password combinations across multiple online accounts, cyber criminals can exploit the opportunity to use stolen credentials to attempt logins across various sites,” the bureau says.
Citing a 2020 survey conducted by a data analytics firm, the FBI notes that nearly 60 percent of respondents reported using one or more passwords across multiple accounts.
“When the attackers successfully compromise accounts, they monetize their access by abusing credit card or loyalty programs, committing identity fraud, or submitting fraudulent transactions such as transfers and bill payments,” according to the notice.
Since 2017, the agency has been receiving an increasing number of reports on credential stuffing attacks against US financial institutions – including banks, financial services providers, insurance companies, and investment firms – collectively detailing nearly 50,000 account compromises.
Unsurprisingly, the rise in credential stuffing attacks correlates with an increase in leaked credentials available on the dark web.
“Affected companies experienced downtime, loss of customers, and reputational damage as well as losses associated with customer notification and system remediation costs,” says the agency, citing a study by a data analytics firm.
Data from another research group indicates that credential stuffing attacks cost an average of $6 million per year, not counting costs associated with fraud.
In a key finding, many of the reports received by the FBI indicated the use of botnet credential stuffing.
“Although most credential stuffing attacks have low success rates, cyber actors’ use of botnets to conduct a massive scale of automated login attempts in a short timeframe enabled them to discover multiple valid credential pairs,” according to the notice.
The FBI recommends the following precautionary measures to mitigate the threat, underscoring that it’s best to apply as many as possible in tandem, not individually:
Bitdefender Network Traffic Security Analytics (NTSA) detects advanced network-based attacks in real-time and triggers autonomous incident response. Using a combination of machine learning and behavior analytics with insights from Bitdefender cloud threat intelligence, NTSA gives IT reps the much-needed threat context to detect any network-borne anomaly, from external malice to insider negligence.
Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.View all posts
Don’t miss out on exclusive content and exciting announcements!