There has been a ‘sharp increase’ in the threat of credential abuse in recent months, putting companies and individuals alike at risk of being hacked, new research has claimed.
A report by Akamai Technologies analysing more than 7.3 trillion bot requests per month found that in the last three months of 2017, the attacks made up more than 40 per cent of malicious login attempts.
The report says that hackers are looking to add enterprise systems as a part of their botnet by exploiting remote code execution vulnerabilities in enterprise-level software.
“A key motive of attackers has always been financial profit. In the past few years, we have seen adversaries move to more direct methods to achieve that goal such as ransomware,” said Martin McKeay, senior security advocate and senior editor, State of the Internet / Security Report. “Crypto mining offers attackers the most direct avenue to monetise efforts by putting money immediately into their cryptowallets.”
Besides credentials threats, the report says the number of DDoS attacks has also risen 14 per cent in Q4, compared to the same period the year before.
“Increased automation and data mining have caused a massive flood of bot traffic to impact websites and Internet services. Although most of that traffic is useful for Internet businesses, cybercriminals are looking to manipulate the powerful volume of bots for nefarious gains,” said McKeay.
“Enterprises need to watch who is accessing their sites to differentiate actual humans from both legitimate and malicious bots. Not all web traffic and not all bots are created equal.”
The full report with a detailed breakdown of cyber threats in Q4 can be found on this link.
Image credit: Frank_Peters / Shutterstock