Blog

How Cybercriminals Are Keeping Themselves Entertained

How Cybercriminals Are Keeping Themselves Entertained

With the given pandemic, a lot of people have had a bit more time on their hands, so it makes sense that many are turning to streaming services and the like for their entertainment. Unfortunately, this has not gone unnoticed by cybercriminals.

Let’s take a few moments and examine the practice of credential stuffing.

What is Credential Stuffing?

Credential stuffing is an aptly named method for an attacker to gain access to an account. It’s also the reason why we always recommend that you use a different username and password for each account.

Let’s say that Website A, a popular social media platform, suffered a data breach, and some of its info was leaked, with usernames and passwords included in the mix. This means that John Q. Hacker can take this list, go to other sites, and start trying them out. If a user was reusing their credentials, our hacker has a match and now has access to their account and information, whatever it may be.

So, by essentially running through a spreadsheet, an attacker can gain access to far more accounts than they should.

The Current Problem

In their most recent report, Akamai (a platform-based service provider) had reviewed data collected throughout 2018 and 2019 to deliver insights to the media industry. As they explain in their included letter from the editor, the rise of the COVID-19 pandemic quickly caused them to reconsider. Thanks to this reconsideration, the report also shows trends as influenced by the pandemic.

As you might imagine, these trends are quite telling.

Credential stuffing exploded as the coronavirus tightened its hold. In fact, reviewing the documents that Akamai produced shows that their graphs needed to be dramatically increased in scale, tens of millions transitioning to hundreds of millions as numbers increased fourfold. As Europe locked down, a video media service was hit on March 26 by over 364 million malicious login attempts, with over 6 billion attempts taking place in that month alone.

The economics of these stolen credentials also share some insights. In the beginning of Q1 2020, researchers took note that video media accounts were priced at about $1 to $5, with bundled services coming in at $10 to $45 each. However, these prices plummeted by the end of Q1 with all the new credentials that were made available.

Why This Matters

As we have already stated, these kinds of attacks are exactly why it is recommended that access credentials aren’t recycled.

“Why would anyone hack into my stuff?”

We’ve all had this rationalization sound off in our heads as we’re asked to provide a password for a new account. We wonder if it really matters how secure our password is, after all, we’re not anyone of interest, so is all that security really worth the effort?

Besides, it’s easier to just remember the one.

As a result, a sizable number of people have the same usernames and passwords on multiple platforms. This is where the problem lies. Sure, some person accessing your Netflix account is one thing, but someone accessing your bank, or your tax returns, or your work email (sending us down another rabbit hole) is quite another.

So, where do we go from here?

Well, first thing, you need to go over your own accounts and make sure that all of them are properly secured. At White Mountain IT Services, we tend to recommend that your passwords include the following, to help boost their security:

  • Lots of characters
  • A diverse mix of letters, numbers, and symbols
  • No personally identifiable details (like your pet’s name, hobbies, etc.)

Alternatively, you could consider a passphrase. A passphrase (like “flankingcollisioncurtlytabletbovine”) takes five unrelated, random dictionary words and combines them, making a memorable, but essentially impossible to crack, passcode for you to use.

Second, we recommend the use of a password manager to help keep track of these passwords/passphrases. With a password manager to help you remember, you no longer have any excuse to slack off on your security.

White Mountain IT Services can help make your business’ computing more secure as well, along with our many IT services. Find out how we can assist you by giving us a call at 603-889-0800.

Related Posts

Starting in 2008, Verizon has produced a report outlining the cybersecurity incident trends that the previous year demonstrated. In doing so, they have provided a resource that gives businesses greater insights into where their cybersecurity efforts ...
Think of how easy it is to trick a human. Entire industries are centered around it. Just think about the flashy magazines at the checkout counter promising us perfect summer bodies if we just follow Channing Tatum’s simple 30-step breakfast routine. ...
Cybersecurity should always be a priority for a business, and cyber criminals are always evolving their tactics. As a result, it pays to keep an eye on the horizon for the next looming threats. Here, we’re reviewing a few threats that cybersecurity p...
Automation is sometimes misconceived as a troublesome or unreliable addition to business. It’s not about replacing people with machines, it’s about getting more done with the people you have. Having an attitude that doubts technology and believes not...
Most people have acquired much of their familiarity with what a hacker is through the mixed representation seen in pop culture today… but does this impression match up to a hacker in real life? Popular entertainment unfortunately doesn’t differentiat...
With cybersecurity talent at such a critical shortage, data breaches that expose millions of people’s sensitive information are routine occurrences. It is one of the biggest problems that the modern business faces. Since shortages have businesses of ...
If you’ve spent any time using a computer, you probably know what a URL is. It is the address of a website. It typically starts with “http//:” or “https://” and directs the Internet browser on where the user would like to surf. Nowadays a threat coul...
How concerned are you with your business' cybersecurity? When you envision your business in the future, do you see yourself constantly fighting cyberattacks, or paying ransom? Hopefully not, but what if cybersecurity turns into one of the most diffic...
Is your business equipped with the necessary tooling to adopt remote working strategies? Remote workers have an incredible amount of benefits to contribute to your business’ operations. Remote work is not possible without a well-thought-out strategy....
There’s a reason that cybercrime is so popular: it is no longer reserved for those with extensive programming knowledge to profit from. Now, according to a report by Deloitte entitled Black Market Ecosystem: Estimating the Cost of “Pwnership”, there ...
Mobile devices accompany us more or less everywhere, leading us to use them more and more frequently in all aspects of lie, including for business purposes. As a result, cybercriminals have even more motivation to target them. To help you avoid a mob...
It doesn’t matter how much of a technology novice someone is, chances are, they’ve heard the term “hacker” before. A favorite character trope of Hollywood films and television dramas, these cybercriminals have appeared in productions like Die Hard an...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions