The media industry suffered 17 billion credential stuffing attacks over the course of two years, as part of a huge increase in attacks against the sector.
According to research by Akamai, between January 2018 and December 2019, 20% of the 88 billion total attacks recorded were against media companies. The company also recorded 630% and 208% year-over-year increases in attacks against broadcast TV and video sites, respectively.
Steve Ragan, Akamai security researcher and author of the State of the Internet/Security report, said: “As long as we have usernames and passwords, we’re going to have criminals trying to compromise them and exploit valuable information.
“Password sharing and recycling are easily the two largest contributing factors in credential stuffing attacks. While educating consumers on good credential hygiene is critical to combating these attacks, it’s up to businesses to deploy stronger authentication methods and identify the right mix of technology, policies and expertise that can help protect customers without adversely impacting the user experience.”
Video sites are not the sole focus of credential stuffing attacks within the media industry. The report noted a staggering 7000% increase in attacks targeting published content. Newspapers, books and magazines sit squarely within the sights of cyber-criminals, indicating that media of all types appear to be fair game when it comes to these types of attacks.
In an email to Infosecurity, Alex Guirakhoo, threat research team lead at Digital Shadows, said credentials for video and music streaming services are in high demand on cyber-criminal platforms. He had seen streaming accounts make up 13% of all listings, surpassed only by bank or financial accounts, which comprised 25% of all listings.
“Attackers can obtain these accounts cheaply and efficiently using credential stuffing tools, which prey on password reuse,” Guirakhoo said. “Individual streaming accounts can be purchased for an average of under $10. These accounts are also frequently traded for free on cyber-criminal forums like XSS and RaidForums, likely to help build a sense of community among forum users.”
Leo Pate, application security consultant at nVisium, said credential stuffing attacks are easy and low-risk to conduct, and deliver a high return on investment (ROI) if successful. “From a criminal point-of-view, most media platforms don't offer strong security controls, like multi-factor authentication, or users simply do not take advantage of them even if available, thereby resulting in a higher rate of successful compromise,” he added.
“Additionally, some media platforms utilize the same credentials in other platforms they own; for example, Amazon Prime Video and Amazon Prime. Therefore, a successful compromise of an Amazon Prime Video account will likely lead to a successful compromise of an Amazon Prime account as well. This also enables the criminal to potentially [access] even more financial and personal information.”