The Register in the UK reported: "An extraordinary 43 per cent of all attempted online account logins are malicious, Akamai claims in its latest internet security report.
"Credential abuse" is an increasingly popular line of attack, thanks in large part to the ready availability of huge user password databases that have been stolen and are sold online.
Akamai identifies two main types of such attacks: "bursty, high-speed login attempts" to break into people's accounts, and "low and slow attempts to avoid apprehension by spreading login tries across longer time periods," again to gain unauthorized access to profiles and systems.
The web hosting giant even reckons it may be underestimating the problem because it only gathered data from websites that use an email address as a username, which included no less than six billion login attempts over two months. Banks typically require you to select a username rather than an email and are often the most persistent focus of attackers' attention, for obvious reasons, so are likely missing from this dataset.
In addition to detailing credential abuse, Akamai's quarterly State of the Net report, out this week, identifies mobile devices, the internet of things, and APIs as the biggest, and somewhat bleeding obvious, new threats to online security.
API attacks more than doubled in the last quarter, we're told. Akamai has also noticed a new trend in miscreants breaking into systems in order to use their computing power for activities including mining cryptocurrencies, rather than simply stealing information.
"We are seeing a new trend of enterprise systems being targeted, not only to steal their data, but to steal their computing resources, perhaps driven in part by the rise of cryptocurrencies and the potential value of mining resources," the report notes.
And now for the... oh well
As for the good news – there is no good news. Denial-of-service and web app attacks continue to increase as the number of vulnerabilities identified grows over time. Criminals continue to make the most from "long-standing, tried-and-true attack vectors," the report notes. That said, DDoS were down one per cent from the previous quarter so that's… good?
As to how to protect yourself or your company, the main advice is – hold on to your hats – to patch existing, known flaws.
"Many of today’s attacks still leverage well-known vulnerabilities - flaws that have been documented and patched, and can be prevented," the report stated, while banging its head on the table.
It goes on, slowly and clearly in the hope that people are actually listening, "efforts to cover the basics - secure coding practices, timely patching, proper device configuration, and prudent password management, would go a long way towards fortifying defenses."
How weak are *your* users' passwords?
Are your users' passwords…P@ssw0rd? Bad guys are constantly coming out with new ways to hack your network while evading detection.
Employees are the weakest link in network security, using weak passwords and falling for phishing and social engineering attacks.
Verizon's recent Data Breach Report showed that 81% of hacking-related breaches used stolen and/or weak passwords.
KnowBe4’s complimentary Weak Password Test (WPT) checks your Active Directory for several different types of weak-password-related threats.
WPT gives you a quick look at the effectiveness of your password policies and any failures so that you can take action. It tests against 10 types of weak-password-related threats, for example Weak, Duplicate, Empty, Never Expires, plus 6 more.
Here's how the Weak Password Test works:
Reports on the accounts that are affected
Tests against 10 types of weak-password-related threats
Does not show/report on the actual passwords of accounts
Just download the installer and run it
Results in a few minutes!
This will take you 5 minutes and may give you some insights you never expected!
Requirements: Active Directory, Windows 7 or higher (32 or 64bit)
Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://www.knowbe4.com/weak-password-test
Grateful acknowledgement to The Register: https://www.theregister.co.uk/2018/02/21/login_attempts_malicious_akamai/