LAS VEGAS — Content delivery network specialist Akamai kicked off the NAB Show with a new report detailing wide-ranging credential abuses against online video and music streaming services, with stolen credentials, stuffing attacks, and more resulting from data breaches.
A central finding in the report — “Internet-Security: Credential Stuffing: Attacks and Economies”— saw three of the largest credential stuffing attacks vs. streaming services in 2018 (ranging in size from 133 million to 200 million attempts) took place shortly after reported data breaches, an indication that hackers were testing stolen credentials before selling them.
“To avoid platform stuffing, you need to protect the platform itself,” said Thomas Stark – product marketing manager for Akamai.
Jeff Hu, solutions engineer for Akamai, said the majority of attacks are geared toward media and entertainment companies. He and Akamai’s director of security technology and strategy Patrick Sullivan unveiled the research during the April 7 NAB Cybersecurity & Content Protection Summit, presented by MESA and CDSA. Sullivan said that the attack method commonly referred to as “credential stuffing” sees nefarious actors use automated tools to take advantage of stolen login information, in order to attempt to gain access to user accounts, with the assumption that same login and password are being used for multiple services.
“Hackers are very attracted to the high profile and value of online streaming services,” he said. “Educating subscribers on the importance of using unique username and password combinations is one of the most effective measures businesses can take to mitigate credential abuse. The good news is that organizations are taking the threat seriously and investigating security defenses, as evidenced by the discussions at NAB. Akamai offers its research and best practices to help these organizations who are facing significant brand and financial harm.”
Stolen credentials are then used for enabling non-subscribers to view content via pirated streaming accounts, and compromised accounts are sold, traded or harvested for personal information.
Akamai’s report pegged the U.S. as the No. 1 country of origin for the attacks, followed by Russia and Canada, and the U.S. is also the top target, followed by India and Canada. Previous Akamai research noted that media, gaming and entertainment companies saw 11.6 billion attacks between May and December of 2018.