Hikvision’s Senior Cybersecurity Director Covers Hacks, New Report Finds 100 Billion Credential Stuffing Attacks
Hikvision Tips to Improve Password Hygiene & Reduce Your Risk of Being Hacked
With growth in online sales this year, and Black Friday ushering in retail season, it’s a great time to provide a refresher on ways to improve password hygiene. Hikvision Senior Director of Cybersecurity, Chuck Davis, today is covering hacks as a new cybersecurity report found increases in retail and hospitality fraud in the last two years. And, we’ll cover tips to reduce your risk of being hacked.
Today’s HikWire blog covers details from the “2020 State of the Internet” report from cybersecurity and cloud provider, Akamai.
Report Finds 100 Billion Credential Stuffing Attacks
The Akamai “2020 State of the Internet” report found 100 billion credential stuffing attacks. Credential stuffing is when an attacker takes a long list of usernames and passwords and, using an automated script, tries each pair on many popular websites. Those sites could be business or email related, like Google, Apple, and Microsoft. Or, they could be social media accounts like Facebook, LinkedIn, and Instagram, shopping accounts like Amazon, or any other popular sites like banks and payment tools such as Venmo.
From the report: “The retail, travel, and hospitality industries were deeply impacted by the COVID-19 pandemic. … Criminals seized the moment and started targeting the retail, travel, and hospitality sectors with attacks of all types and sizes. Between July 2018 and June 2020, Akamai observed more than 100 billion credential stuffing attacks, and more than 63 billion of them targeted retail, travel, and hospitality.”
As a greater number of people started working from home with pandemic lockdowns in place, cybercriminals began targeting industries with password combination lists. These threat actors also began circulating previous credential lists with the hopes of identifying “new vulnerable accounts,” according to the report.
The report recommended keeping customers safe by implementing complex, long passwords and multi-factor authentication. Click this link to read the entire report.
Password Tips to Prevent Credential Stuffing
Below are several tips from a recent Hikvision blog to reduce your risk of becoming a victim to credential stuffing.
- Never reuse passwords. Reusing passwords greatly increases the chances that your account will be compromised with a credential stuffing attack.
- Enable multi-factor authentication (MFA) everywhere you can. This will protect your account even if an attacker gets your password. MFA adds two or more pieces of verifiable evidence or factors to the authentication process to greatly reduce security concerns by lowering the chances of an account being accessed by the wrong person.
- Use a Password Manager. Using a password manager will relieve you of the burden of remembering all your passwords because you can store them in the password manager.
By creating strong passwords and using certain tools, you can reduce your risk of hack related to credential stuffing and other cyberthreats. For more on cybersecurity from Hikvision, click here.