Serviceteam IT Security News

Credential stuffing attacks are costing EMEA businesses on average $4m each year, according to new research from Akamai.

The content delivery firm commissioned the Ponemon Institute to interview 544 IT security professionals in the region who are familiar with these attacks on their organization.

It found that companies are experiencing an average of 11 credential stuffing attempts each month, with each attack targeting 1041 user accounts.

Akamai calculated the $4m cost based on the financial impact of these attacks on application downtime ($1.2m), loss of customers ($1.6m), and the extra involvement of IT security ($1.2m) as well as the cost of follow-on fraud.

Complexity appears to be hampering efforts to contain credential stuffing. Surveyed companies had an average of 26.5 operational customer-facing websites for cyber-criminals to target via automated bot attacks.

Even more account takeover opportunities are presented by multiple log-in types across desktops, mobile web browsers, third-parties and mobile app users, it claimed.

Only a third (35%) said that they have good visibility into such attacks, while around the same number (36%) claimed they are able to quickly detect and remediate.

An overwhelming number of respondents (88%) agreed it’s difficult to differentiate real employees from imposters.

“Modern websites are sprawling entities that can comprise hundreds or thousands of web pages and support many different types of clients and traffic. Companies understanding their website architecture and how clients flow from different pages to their login endpoints is essential to successfully mitigating credential stuffing attacks — and keeping costs under control,” argued Akamai senior director, Jay Coley.

“Companies need bot management tools to monitor their behaviors and distinguish bots from genuine log-in attempts. Instead of standard log-in systems which just check whether a username and password match, they need to look at key-press patterns, mouse movements and even the orientation of a mobile device.”

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!