For HomeFor BusinessFor Partners
Business Insights
5 min read

FBI: 41% of Financial Sector Cyber Attacks Come from Credential Stuffing

Filip Truta

October 02, 2020

FBI: 41% of Financial Sector Cyber Attacks Come from Credential Stuffing
  • 60 percent of users employ one or more passwords across multiple accounts
  • Cyber criminals exploit user negligence to steal credentials and attempt logins across various sites
  • The increasing prevalence of credential stuffing attacks correlates with an increase in leaked credentials available on the dark web
  • Many reports received by the FBI indicate the use of botnet credential stuffing

Credential stuffing attacks accounted for the greatest volume of security incidents against the financial sector, at 41 percent of all incidents in the past three years, according to a private industry notification from the FBI.

“When customers and employees use the same email and password combinations across multiple online accounts, cyber criminals can exploit the opportunity to use stolen credentials to attempt logins across various sites,” the bureau says.

Citing a 2020 survey conducted by a data analytics firm, the FBI notes that nearly 60 percent of respondents reported using one or more passwords across multiple accounts.

“When the attackers successfully compromise accounts, they monetize their access by abusing credit card or loyalty programs, committing identity fraud, or submitting fraudulent transactions such as transfers and bill payments,” according to the notice.

Since 2017, the agency has been receiving an increasing number of reports on credential stuffing attacks against US financial institutions – including banks, financial services providers, insurance companies, and investment firms – collectively detailing nearly 50,000 account compromises.

Unsurprisingly, the rise in credential stuffing attacks correlates with an increase in leaked credentials available on the dark web.

“Affected companies experienced downtime, loss of customers, and reputational damage as well as losses associated with customer notification and system remediation costs,” says the agency, citing a study by a data analytics firm.

Data from another research group indicates that credential stuffing attacks cost an average of $6 million per year, not counting costs associated with fraud.

In a key finding, many of the reports received by the FBI indicated the use of botnet credential stuffing.

“Although most credential stuffing attacks have low success rates, cyber actors’ use of botnets to conduct a massive scale of automated login attempts in a short timeframe enabled them to discover multiple valid credential pairs,” according to the notice.

The FBI recommends the following precautionary measures to mitigate the threat, underscoring that it’s best to apply as many as possible in tandem, not individually:

  • Alert customers and employees to this scheme and actively monitor accounts for unauthorized access, modification, and anomalous activities
  • Advise customers and employees to use passwords they don’t for any other accounts and to change their passwords regularly
  • Direct customers to change their usernames and passwords upon identification of account compromise or fraud
  • Validate customer credential pairs against databases of known leaked usernames/passwords
  • Modify internet banking login page responses to remove indicators that reveal the validity of credential pairs by issuing the same error message and response time when both username and password are incorrect or only the password is incorrect
  • Establish MFA for creating and updating account information, especially for bank, insurance, and trading accounts, as well as for providing initial account access to financial aggregator services
  • Use anomaly detection tools that identify an unusual increase in traffic and failed authentication attempts

Bitdefender Network Traffic Security Analytics (NTSA) detects advanced network-based attacks in real-time and triggers autonomous incident response. Using a combination of machine learning and behavior analytics with insights from Bitdefender cloud threat intelligence, NTSA gives IT reps the much-needed threat context to detect any network-borne anomaly, from external malice to insider negligence.

tags

Business Insights

Author

Filip Truta

Filip Truta

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.

View all posts

Right now Top posts

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
Ransomware Threat Research Threat Intelligence

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

November 13, 2024

Bitdefender Threat Debrief | November 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | November 2024

November 07, 2024

5 Approaches to Counter a Cybercriminal’s Growing Arsenal
Enterprise Security Threat Research

5 Approaches to Counter a Cybercriminal’s Growing Arsenal

November 06, 2024

Bitdefender Threat Debrief | October 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | October 2024

October 10, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Enterprise Security Endpoint Protection & Management

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Bitdefender Enterprise

November 21, 2024

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Enterprise Security Endpoint Detection and Response

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Jade Brown and Nikki Salas

November 20, 2024

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Enterprise Security Endpoint Protection & Management Endpoint Detection and Response

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Daniel Daraban

November 19, 2024

Bookmarks

loader