Security News > 2020 > March > Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs
Research from Akamai recently found that up to 75 percent of all credential abuse attacks against the financial services industry in 2019 targeted APIs directly.
"We talk about API attacks and the reason why criminals are using targeted methods against API because the traditional 'throw it and hope it sticks' against financial services just isn't cutting it anymore, they have to be more creative," Steve Ragan, security researcher with Akamai, told Threatpost.
Threatpost talks to Ragan about the hardest hitting attack threats against the financial services industry, including credential stuffing attacks, DDoS attacks and more.
There were some really good points in the research about kind of DDoS attacks and how that impacts financial services as well as credential stuffing and APIs.
We saw a bump in targeted API attacks for credential stuffing against the FinServ sector and then also local file inclusion jumped up ahead of SQL injection when it comes to the type of web attacks we're seeing against financial services.
News URL
Related news
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually (source)
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)