Menu
Account takeovers on the rise as DDoS trends continue

Account takeovers on the rise as DDoS trends continue

Cyber crooks looking to own your identity across multiple sites and services

Using stolen account credentials to attempt to compromise other accounts of the same user is not new but a recent report by Akamai shows this practice is gaining increasing popularity in the criminal underworld.

The company has released its State of the Internet/Security report which shows that while direct denial of service attacks (DDoS) have continued to increase at the projected rate, there has been a considerable increase in the number of users having multiple accounts compromised from stolen credentials, some from breaches more than four years old.

“I have personally been fighting it since 2012, but we are seeing more of it recently,” Akamai security Asia-Pacific and Japan chief technology officer, Mike Smith, said.

Smith said the company had seen data from the 2012 LinkedIn breach being sold in the recent weeks and an increase in account takeover attempts as a result. Interestingly, this is information which was available on torrenting sites for free soon after the breach occurred.

“When somebody has a list like that, provided that the list is shared with a group of criminals or available for free download, we will see a corresponding increase in account takeover activity or tools checking for account reuse."

Smith went on to say the company had witnessed a continuation of the trend in the increase and severity of DDoS attacks over 100gbps, the most crippling form of DDoS attack.

The company dealt with more than 4500 DDoS attacks during the reporting period, a 125 per cent increase compared to the same time period in 2015.

“Attackers have their own economics, the whole idea If you are an attacker is to be as effective as you can with the minimal use of resources and minimal risk to yourself,” Smith said.

He added that in the DDoS space, the network attacks against DDoS targets, gaming companies are by far the most targeted industry for a simple reason.

“Gaming is popular because the latency impact of such attacks is noticeable to the end user,” He explained.

He added that the online retail sector receives the majority of web application attacks because of the way retailers structure workflow through the website.

“You go into the site and you can login, you can browse objects, you can add something to your cart, you can almost go through the checkout without having to login. Because of this these sites have a large attack surface that is exposed and so these sites experience a lot more attacks than a government website for example," he said.

Smith predicted that one of the ‘mega trends’ which would become apparent over the next five years was attacks on local Government websites as Australian State and Federal Governments push more services online.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cybercrimeLinkedInakamaiddosState of the Internet/Security report

Featured

Slideshows

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Kiwi channel debates GDPR as Reseller News Exchange hits Wellington

Kiwi channel debates GDPR as Reseller News Exchange hits Wellington

This exclusive Reseller News Exchange, in association with Arrow ECS ANZ, ForeScout and StorageCraft, went on the road to debate the early implications of GDPR in New Zealand, extracting opportunities while evaluating challenges for the channel in the year ahead.

Kiwi channel debates GDPR as Reseller News Exchange hits Wellington
Show Comments