
Credential Stuffing Attack: An Emerging Cyber Crime

“Cybercrime is the greatest threat to every company in the world.” — Ginni Rometty


The Credential Stuffing Attack

There is no shortage of cyber threats on the internet today, and credential stuffing is one of them. In this attack, cyber criminals take username and password pairs that were exposed in earlier data breaches, often corporate breaches traded on the darknet, and feed them automatically into the login forms of other, unrelated websites. The attack works because many people reuse the same password across services: a credential stolen from one site will also open the victim's account on any other site where it was reused.

How Does it Work?

[Figure: how a credential stuffing attack works]

The attack follows a simple loop. The attacker obtains a list of breached username and password pairs, loads it into an automated tool, and replays each pair against the login endpoint of a target site, usually through a large pool of proxy addresses so that the volume is spread across many sources. Most attempts fail, but every pair whose password was reused on the target yields a working account, which is then used directly or resold.

Examples of Credential Stuffing Attacks

If you are wondering how such a simple method can work and affect businesses, several firms have already been victims of this particular attack. In a recent incident, RIPE NCC confirmed that it suffered a credential stuffing attack against its single sign-on (SSO) platform. RIPE NCC is the regional Internet registry for Europe, the Middle East, and Central Asia.

[Image: a tweet from researcher Bob Diachenko (source: Twitter)]

Why is it Hard to Detect Credential Stuffing?

You may already have guessed that a credential stuffing attack is hard to detect. Each individual attempt looks like an ordinary failed login, and cyber criminals use tooling designed to keep it that way: attempts are spread across thousands of proxy or botnet addresses so that no single source trips a lockout threshold, browser fingerprints and user agents are rotated, and a cyber criminal can even mimic the geolocation of the legitimate user so that the login appears to come from where that user normally signs in. Per-account and per-IP counters, the controls most sites already have, therefore see only one or two failures each.
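The following is an added example, not code from the original article or from any vendor, that shows why the per-IP view misses the distributed case and what an aggregate, per-time-window view catches instead. It runs two detectors over constructed authentication log lines: a classic per-address rule (one IP walking many usernames) and a windowed rule that flags a burst of failures spread over many addresses that each touch only one or two accounts. The log format, the sample traffic and the thresholds are all assumptions for illustration.

```python
"""Added example (not from the original article): flagging credential-stuffing
patterns in authentication logs. The log format and every sample line are
constructed for illustration; thresholds are assumptions to tune per site."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class Attempt:
    ts: datetime
    ip: str
    user: str
    ok: bool


def parse_log(text):
    """Parse constructed lines of the form '<iso-timestamp> <ip> <user> OK|FAIL'."""
    attempts = []
    for line in text.strip().splitlines():
        ts, ip, user, result = line.split()
        attempts.append(Attempt(datetime.fromisoformat(ts.replace("Z", "+00:00")), ip, user, result == "OK"))
    return attempts


def build_sample_log():
    """Constructed traffic: normal logins, one noisy source, then a distributed burst."""
    lines = [f"2021-02-18T10:00:{i:02d}Z 192.0.2.{i + 1} user{i} OK" for i in range(10)]
    # Single source walking eight usernames: the easy case.
    lines += [f"2021-02-18T10:01:{i:02d}Z 203.0.113.10 user{i} FAIL" for i in range(8)]
    # Thirty proxies ten minutes later, one or two accounts each; one hit on a reused password.
    n = 0
    for i in range(30):
        for j in range(1 + i % 2):
            result = "OK" if (i, j) == (7, 0) else "FAIL"
            lines.append(f"2021-02-18T10:10:{n:02d}Z 198.51.100.{i + 1} user{i * 3 + j} {result}")
            n += 1
    return "\n".join(lines)


def per_ip_findings(attempts, min_users=5, max_success_ratio=0.2):
    """Single-source stuffing: one address tries many distinct usernames, nearly all failing."""
    by_ip = defaultdict(list)
    for a in attempts:
        by_ip[a.ip].append(a)
    findings = {}
    for ip, rows in by_ip.items():
        users = {r.user for r in rows}
        successes = sum(r.ok for r in rows)
        if len(users) >= min_users and successes / len(rows) <= max_success_ratio:
            findings[ip] = {"distinct_users": len(users), "attempts": len(rows), "successes": successes}
    return findings


def distributed_findings(attempts, window_minutes=10, min_ips=20, min_fail_ratio=0.5, max_users_per_ip=2.0):
    """Distributed stuffing: many addresses, one or two accounts each, so no per-IP
    rule fires. Judge each time window as a whole instead: an abnormal failure
    ratio spread across many addresses that each touch very few usernames."""
    secs = window_minutes * 60
    windows = defaultdict(list)
    for a in attempts:
        windows[int(a.ts.timestamp() // secs)].append(a)
    findings = {}
    for key, rows in sorted(windows.items()):
        fails = [r for r in rows if not r.ok]
        failing_ips = {r.ip for r in fails}
        users_by_ip = defaultdict(set)
        for r in rows:
            users_by_ip[r.ip].add(r.user)
        mean_users = sum(len(users_by_ip[ip]) for ip in failing_ips) / max(len(failing_ips), 1)
        if (len(failing_ips) >= min_ips and len(fails) / len(rows) >= min_fail_ratio
                and mean_users <= max_users_per_ip):
            start = datetime.fromtimestamp(key * secs, tz=timezone.utc).isoformat()
            findings[start] = {
                "attempts": len(rows), "failures": len(fails), "failing_ips": len(failing_ips),
                "mean_users_per_ip": round(mean_users, 2),
                # Accounts that succeeded from an address that also failed elsewhere: likely hits.
                "likely_compromised": sorted({r.user for r in rows if r.ok and r.ip in failing_ips}),
            }
    return findings


if __name__ == "__main__":
    attempts = parse_log(build_sample_log())
    print("per-IP:", per_ip_findings(attempts))
    print("distributed:", distributed_findings(attempts))
```

On the constructed data the per-address rule flags only 203.0.113.10, while the thirty proxies at 10:10 never exceed two usernames each and would pass any per-IP lockout; the windowed rule flags that window and names the one account whose reused password was accepted, which is the account to force a reset on.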

Prevention of Credential Stuffing

Preventive countermeasures will not eliminate the attack completely, but they do reduce a significant portion of it. Given the current threat landscape, organizations need to implement preventive measures now rather than learn the lesson the expensive way.

  1. Implement multi-factor authentication (MFA) to add an extra layer of security in case a password is compromised or stolen. With MFA, a correct but stolen password is not enough on its own: the attacker must also present a second factor held on another device or application, which a credential list does not contain.
  2. Use a CAPTCHA or a similar challenge that requires a human response to log in, at least once an account or a source address has accumulated several failed attempts. Challenge-response tests help distinguish a human from the automated tool that is replaying a credential list.
  3. Protect stored credentials and personal data so that a breach of your own systems does not reveal usable details: store passwords only as salted, slow hashes (never in plain text or reversibly encrypted form) and encrypt files that hold personal information. Your breach should not become the next site's credential stuffing list.
  4. Develop an incident response plan and rehearse it frequently, so that everyone in the organization knows their role in containing a compromise, resetting affected accounts and notifying the users concerned.
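An added example, not the article's own code or any product's implementation, that puts the first three countermeasures into one login path: passwords are stored only as salted scrypt hashes and compared in constant time, failures are counted per account and per source address, a challenge (CAPTCHA or equivalent) is demanded once either counter crosses its limit, and a correct password alone still only yields an MFA prompt. The in-memory stores, the thresholds, the `LoginGuard` class and the demo users are all constructed for illustration; a real deployment would keep the counters in shared storage and tune the scrypt cost to its hardware.

```python
"""Added example (not the article's or any vendor's code): a login path that
applies the countermeasures above. Passwords are stored only as salted scrypt
hashes, failures are counted per account and per source address, and a
challenge (CAPTCHA or other second factor) is demanded once either counter
crosses its limit. Stores, thresholds and the demo users are constructed."""
import hashlib
import hmac
import os
from collections import defaultdict

SCRYPT_PARAMS = dict(n=2 ** 14, r=8, p=1, dklen=32)  # slow on purpose; tune n to your hardware


def hash_password(password: str, salt: bytes = b"") -> str:
    """Salted, memory-hard hash: a leaked table yields no reusable passwords."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)
    return f"scrypt${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    _, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex), **SCRYPT_PARAMS)
    return hmac.compare_digest(digest.hex(), digest_hex)  # constant-time compare


# Hash checked for unknown usernames so timing does not reveal which accounts exist.
_DUMMY_HASH = hash_password("not-a-real-password")


class LoginGuard:
    """Tracks recent failures; returns OK, DENIED, CHALLENGE or MFA_REQUIRED."""

    def __init__(self, users, per_account_limit=3, per_ip_limit=10, window_seconds=600):
        self.users = users                  # username -> stored hash (constructed store)
        self.failures = defaultdict(list)   # "acct:<user>" / "ip:<addr>" -> failure times
        self.limits = {"acct": per_account_limit, "ip": per_ip_limit}
        self.window = window_seconds

    def _recent(self, key, now):
        self.failures[key] = [t for t in self.failures[key] if now - t < self.window]
        return len(self.failures[key])

    def login(self, user, password, ip, now, second_factor_ok=False, challenge_ok=False):
        acct_key, ip_key = f"acct:{user}", f"ip:{ip}"
        # Too many recent failures on this account or from this address: require a
        # human/second-factor challenge before the password is even checked.
        if not challenge_ok and (self._recent(acct_key, now) >= self.limits["acct"]
                                 or self._recent(ip_key, now) >= self.limits["ip"]):
            return "CHALLENGE"
        stored = self.users.get(user, _DUMMY_HASH)
        if user not in self.users or not verify_password(password, stored):
            self.failures[acct_key].append(now)
            self.failures[ip_key].append(now)
            return "DENIED"
        # A correct password alone is not enough: a stuffed, reused password stops here.
        if not second_factor_ok:
            return "MFA_REQUIRED"
        self.failures[acct_key].clear()
        return "OK"


def demo():
    """Constructed scenario: a distributed attack on alice, then one address walking accounts."""
    users = {f"user{i}": hash_password(f"pw{i}") for i in range(12)}
    users["alice"] = hash_password("correct horse battery")
    guard = LoginGuard(users)
    results = {}
    # Three proxies each try one breached password against alice; the fourth attempt,
    # even though it carries the right password, is challenged.
    for i, pw in enumerate(["letmein", "123456", "qwerty", "correct horse battery"]):
        results[f"alice_{i}"] = guard.login("alice", pw, f"198.51.100.{i + 1}", now=1000 + i)
    # The legitimate user passes the challenge and presents the second factor.
    results["alice_mfa"] = guard.login("alice", "correct horse battery", "198.51.100.9",
                                       now=1010, second_factor_ok=True, challenge_ok=True)
    # One address cycles through twelve accounts with a single guessed password.
    for i in range(12):
        results[f"walk_{i}"] = guard.login(f"user{i}", "password1", "203.0.113.10", now=2000 + i)
    return results


if __name__ == "__main__":
    for step, outcome in demo().items():
        print(step, outcome)
```

Two details matter more than they look. Unknown usernames are verified against a dummy hash so that response time does not reveal which accounts exist, since attackers use that to prune their lists. And the account counter is checked before the password, so the attacker who finally reaches the right reused password on the fourth proxy is met with a challenge rather than a session.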

We are a cyber security solutions firm, helping a diverse range of industries globally to strengthen and secure the triad of People-Process-Technology.