credential stuffing
3 Topics

Lightboard Lessons: Credential Stuffing
The essence of the credential stuffing problem is that lots and lots of user credentials have been stolen from many different places. An attacker will take stolen credentials from one place and try to "stuff" them into another in order to gain access. The problem (other than the fact that credentials were stolen) is that many people use the same username and password on multiple web applications. This video discusses the issue of credential stuffing and offers solutions to avoid this problem. Enjoy!

Related Resources:
- Fight Credential Stuffing
- Mitigating “Sentry MBA” - Credentials Stuffing Threat
- Configuring BIG-IP Application Security Manager (ASM)

2021 Credential Stuffing Report on F5 Labs
Over the last few years, security researchers at F5 and elsewhere have identified credential stuffing as one of the foremost threats. In 2018 and 2019, the combined threats of phishing and credential stuffing made up roughly half of all publicly disclosed breaches in the United States. Now it is February 2021 and the tech industry is reeling from the twin shocks of the theft of FireEye’s red team tools and the SolarWinds Orion supply chain attack. We at Shape & F5 Labs anticipate there will be many more announcements and unwelcome discoveries surrounding credential spills and, it is important to point out, these campaigns also presented an opportunity for attackers to achieve persistence in the environments of thousands of organizations.

For this year, we have renamed the Credential Spill Report (previously published by Shape Security, now part of F5) to the 2021 Credential Stuffing Report. We did this in order to look at the entire lifecycle of credential abuse, dedicating much time and effort to not just quantifying the trends around credential theft but also to understanding the steps that cybercriminals take to adapt to and surmount enterprise defenses.

Some key findings in the report include:
- The number of annual credential spill incidents nearly doubled between 2016 and 2020.
- Despite consensus about best practices, industry behaviors around password storage remain poor.
- Median time for discovering a credential spill between 2018 and 2020 was 120 days; the average time to discovery was 327 days.
- There are many more...

Head over to the F5 Labs 2021 Credential Stuffing Report to see more key findings, dive into the details around terminology and real-world data, look at lifecycle analysis around theft, fraud, sale, and abuse, and lastly, look at some steps you can take to minimize your exposure to the threats around credential stuffing.

GLOBAL Live Webinar: Key Takeaways for the 2023 F5 Identity Threat Report
This event is open to all F5 users regardless of geographic location.

Date: Thursday, February 29, 2024
Time: 10:00am PT | 1:00pm ET
Speakers: Sander Vinberg, Threat Research Evangelist, F5 and Corey Marshall, Director Solutions Engineering

What's the webinar about?

Changes in how organizations build, run, and secure information systems have also shifted how we look at authentication and access control. The emerging concept of identity is transforming the ways humans and non-human actors use data and compute power. Meanwhile, organizations’ focus on identity also means that it has become a focus for attackers. Organizations must stay vigilant by addressing the latest attack techniques, and take a proactive approach to mitigating identity risks.

Join Corey Marshall, Director of Solutions Engineering, and Sander Vinberg, Threat Researcher and lead author on the 2023 Identity Threat Report: The Unpatchables, as they share findings from the report and discuss their practical implications for securing digital identities. They will explore the top threats, highlight what you need to watch for, and cover specific F5 technologies that can help you address these threats.

Attend this webinar to discover:
- The state of credential stuffing, including preferred targets
- The evolution of phishing, including tactics and counter-countermeasures
- What the growth of MFA bypass techniques could mean for you

Learn more, register today