The media industry is a prime target for credential stuffing attacks, with more than 17 billion incidents reported from January 2018 to December 2019, according to a report from Akamai.
Credential stuffing is one of the most common types of cyberattacks, in which bad actors try to authenticate into various online services using stolen or leaked credentials. It affects all industries, across all verticals, and no one is really safe.
It turns out that one industry, in particular, is taking the brunt of these attacks; the media industry. Akamai registered around 88 billion credentials attacks between January 1, 2018, and December 31, 2019, but about 20% of those (17 billion) were directed at the media. The public visibility of various media companies makes them prime targets.
“Year over year, there was a 63% increase in credential stuffing attacks in the video media sector when we examine data for 2018 and 2019,” states the company. “Some of this growth is due to new visibility. With more customers and customer assets (i.e., hostnames) being added to the fold, it shows that even with a vast amount of visibility, we’re only scratching the surface when it comes to the attacks we’re seeing.”
Surprisingly, many of these attacks doesn’t originate from criminal groups or hackers. Instead, they are attributed to a phenomenon called “the kids are at home,” meaning from unsophisticated actors and in periods that coincide with school breaks.
“In addition to summer and late fall, these attack peaks are also observable during holidays and periods associated with academic breaks, such as spring break in the United States,” the study states. “Make no mistake, though — just because the actors responsible lack technical acumen and a high degree of sophistication, low-level attacks are effective and can be linked to several high-profile data breaches.”
One of the most affected verticals in the industry is represented by video services, which saw a 98% year-over-year increase. On the other hand, broadcast and television and video websites take the brunt, with 630% and 208% increases.
The increase in credentials stuffing attacks is not likely to slow down in 2020, especially with the COVID-19 pandemic keeping many people at home. Those school breaks no longer apply in many countries, so the number of attacks coming from low-skill actors will most likely increase.