The latest report by content delivery network giant Akamai reveals some alarming numbers when it comes to online attacks. While we have seen quite a few end-of-year reports focusing on phishing attempts, keylogging malware, and, more recently, the attention-seeking cryptojacking attacks, it appears credential abuse continues to cause some real damage. 43% of all login attempts made on the internet are by hackers trying to get into your account, the report suggested.
The attack technique that uses stolen credentials to log into a website is known as credential abuse. With 2016 giving us some of the biggest data leaks in internet history, credential abuse was to become the go-to attack line for hackers. As for how the company actually detects these malicious login attempts, Akamai said it identifies IP addresses that make multiple attempts to log into accounts using leaked or stolen credentials but have no other activity on that target site.
This "methodology helps us identify both bursty, high-speed login attempts as well as the “low and slow” attempts to avoid apprehension by spreading login tries across longer time periods," the web hosting giant added.
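The heuristic described above, sketched as an added example (it is not Akamai's code and does not come from the report): count login requests per IP over the whole observation period, with no short time window, and flag IPs that never request anything else. The event format, the `/login` path, both thresholds and the sample events are constructed assumptions, and the check for whether credentials come from a leak is left out.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events: (timestamp, client IP, request path)
EVENTS = [
    # Four logins in three seconds, no other requests
    ("2024-01-01T10:00:00", "198.51.100.7", "/login"),
    ("2024-01-01T10:00:01", "198.51.100.7", "/login"),
    ("2024-01-01T10:00:02", "198.51.100.7", "/login"),
    ("2024-01-01T10:00:03", "198.51.100.7", "/login"),
    # One login per day, no other requests
    ("2024-01-02T03:10:00", "203.0.113.9", "/login"),
    ("2024-01-03T04:20:00", "203.0.113.9", "/login"),
    ("2024-01-04T05:30:00", "203.0.113.9", "/login"),
    # Ordinary user: retries a password, then browses the site
    ("2024-01-01T09:00:00", "192.0.2.44", "/login"),
    ("2024-01-01T09:00:20", "192.0.2.44", "/login"),
    ("2024-01-01T09:00:40", "192.0.2.44", "/login"),
    ("2024-01-01T09:01:00", "192.0.2.44", "/cart"),
]

def flag_login_only_ips(events, login_path="/login",
                        min_attempts=3, burst_rate=1 / 60):
    """Return {ip: 'bursty' | 'low-and-slow'} for IPs that made at least
    min_attempts login requests and no other request at all.
    burst_rate is in attempts per second (assumed threshold)."""
    logins = defaultdict(list)   # ip -> timestamps of login requests
    other = defaultdict(int)     # ip -> count of non-login requests
    for ts, ip, path in events:
        if path == login_path:
            logins[ip].append(datetime.fromisoformat(ts))
        else:
            other[ip] += 1

    flagged = {}
    for ip, times in logins.items():
        if len(times) < min_attempts or other[ip] > 0:
            continue  # too few attempts, or the IP also used the site normally
        # Counting over the full period means a slow attacker is still caught;
        # the rate only labels the pattern, it does not decide the flag.
        span = (max(times) - min(times)).total_seconds()
        rate = len(times) / max(span, 1.0)
        flagged[ip] = "bursty" if rate >= burst_rate else "low-and-slow"
    return flagged

if __name__ == "__main__":
    for ip, kind in flag_login_only_ips(EVENTS).items():
        print(ip, kind)
```
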
Still not a true picture of credential abuse
While it is highly alarming that nearly half of the logins made online are by hackers trying to take over our accounts, the real figure could be much, much worse. The report explained that Akamai's data set only covers sites that use an email address as the login name. This means that sites that use a username not based on an email address (banks usually fall into this category) aren't taken into account in this particular research.
Even in this somewhat limited data set, the company saw over 8.3 billion login attempts during November. Of these, a whopping 3.6 billion were determined to be malicious login attempts!
In other words, 43% of all logins seen by Akamai were attempts to log in to an account using password guessing or account details gathered from elsewhere on the Internet.
The retail and hotel & travel industries are the worst affected, with retail organizations seeing over a billion malicious login attempts, followed by Hotel & Travel with 968 million and High Tech with 781 million.
The report also revealed that hotel & travel remains at the top of the list as these 968 million malicious login attempts are out of a total 1.2 billion login attempts, accounting for nearly 82% of all login attempts! "More than four out of every five, were malicious!," the research said.
"Ask anyone on the security team at a hotel chain and they will tell you how hard they have to work to protect their user accounts," the report added. "[Hackers] are aware that these sites have large pools of credit card numbers for them to drain."
Whether credential abuse is done through an unlimited treasure trove of leaked databases, or through phishing links and malicious websites, credential theft has become an epidemic. To stay secure, experts recommend using a strong password manager to auto-generate passwords for you and enabling two-factor authentication wherever it's offered.
- Akamai's report that discusses several other attacks can be accessed here [PDF].