With over 120 crore account takeover attacks in 2018, India came only second to the US among top destinations for hacking attempts in the world, said a new report. Each attack represented an attempt by a person or computer to log in to an account with a stolen or generated username and password, according to a new edition of the “State of the internet/security” report from Cloud delivery network provider Akamai Technologies.
Canada comes close third for attacks. However, India and Canada are greatly overshadowed in volume compared with the US, said the report that focused on credential stuffing — or breaching of databases — attacks. The US witnessed 1,252 crore hacking attempts in 2018, compared with 120 crore in India and 102 crore in Canada.
These attacks targeted a range of sectors, from media and entertainment to retail and gaming. Hackers target large video and entertainment brands, because access to verified accounts could be sold or traded in underground marketplaces, Akamai report said.
In the video media sector alone, three of the largest credential stuffing attacks in 2018 increased from 133 million to nearly 200 million, the study said.
“Credential stuffing attempts can advance to full-blown account takeovers and compromises because people tend to use the same password across multiple websites — or the passwords they are using are easily guessed, and they generated credentials,” the report said.
The market for stolen media and entertainment accounts is thriving. “The media, gaming, and entertainment industries are prized targets for cyber criminals who are looking to trade in stolen information and access. The accounts are sold in bulk, and the goal of hackers is to move their goods by volume, rather than single account sales,” the report said.