Akamai research reveals increased cyber attacks on media industry | Security | News | Rapid TV News
By continuing to use this site you consent to the use of cookies on your device as described in our privacy policy unless you have disabled them. You can change your cookie settings at any time but parts of our site will not function correctly without them. [Close]
The media industry suffered 17 billion credential stuffing attacks between January 2018 and December 2019 according to a new report from Akamai, representing 20% of the 88 billion total credential stuffing attacks observed during the reporting period targeted media companies.
Akamai 15July2020
Credential stuffing is a cyber attack method in which attackers use lists of compromised user credentials and in the Akamai 2020 State of the Internet/Credential Stuffing report, delayed from publication in April to July due to the Covid-19 pandemic, the research also found that media companies presented an attractive target for criminals according to the report, which showed a 63% year-on-year increase in attacks against the video media sector.

As an indication of the problem, the study pinpointed a large spike in malicious login attempts against European video service providers and broadcasters during the first quarter of 2020. One attack in late March, after many isolation protocols had been instituted, directed nearly 350,000,000 attempts against a single service provider over a 24-hour period. Separately, one broadcaster was hit with a barrage of attacks over the course of the quarter with peaks that ranged in the billions.

The 630% and 208% year-over-year increases in attacks against broadcast TV and video sites, respectively. At the same time, attacks targeting video services were up 98% annually, while those against video platforms dropped by 5%.

Akamai noted that the marked uptick in attacks aimed at broadcast TV and video sites appeared to coincide with an explosion of on-demand media content in 2019. It added that two major video services launched last year with heavy support from consumer promotions and that these types of sites and services are well aligned to the observed goals of the criminals who target them.

The US was by far the top source of credential stuffing attacks against media companies with 1.1 billion in 2019, an increase of 162% over 2018. France and Russia were a distant second and third with 3.9 million and 2.4 million attacks, respectively. India, was the most targeted country in 2019, enduring with 2.4 billion credential stuffing attacks. It was followed by the US at 1.4 billion and the United Kingdom at 124 million.

According to Steve Ragan, Akamai security researcher and author of the State of the Internet / Security report, as long as there are usernames and passwords, there will be criminals trying to compromise them and exploit valuable information. Moreover he said that much of the value in media industry accounts lies in the potential access to both compromised assets, like premium content, along with personal data.

“We’ve observed a trend in which criminals are combining credentials from a media account with access to stolen rewards points from local restaurants and marketing the nefarious offering as ‘date night’ packages,” he explained. “Once the criminals get a hold of the geographic location information in the compromised accounts, they can match them up to be sold as dinner and a movie.”