5 Tips for Fighting Credential Stuffing Attacks


Author: Gary O’Brien, Director at Safe Harbour Security

February 2021 saw what some are calling the largest data breach of all time: a massive database containing 3.2 billion unique email/password pairs, leaked on a hacker forum online.

COMB (the Compilation of Many Breaches) contains 3.2 billion (yes, billion) unique pairs of clear-text email addresses and their matching passwords.

This mammoth compilation of hacked data was shared on a hacking forum as an interactive database, with built-in scripts for finding and sorting login data.

It’s a veritable playground for hackers, who can automate credential stuffing attacks on individuals or groups to access services where exposed passwords have been reused.

Credential stuffing is a type of cyber-attack in which stolen account credentials (username and password combinations) are used to gain unauthorised access to user accounts through large-scale automated login requests directed against web applications.

Given the rise in credential stuffing, we have compiled the following 5 Tips to prevent your accounts becoming susceptible to credential stuffing.

Boost user awareness on password management: With many users still reusing passwords across accounts, one place to start is education. Improving user password habits is a great start in defending against credential stuffing attacks. Educating employees on best practices and reminding them to change their passwords more regularly can make it harder for hackers to pull off a successful attack.

Set up two-factor authentication: Using two-factor authentication (2FA) is another great way to keep your data safe in the event of a breach. We recommend setting up 2FA wherever possible, starting with your most important accounts.

Use a password manager: Using a password manager to generate and store passwords makes it more difficult for hackers to access your passwords, and means you are not burdened with trying to remember numerous different passwords for different accounts.

Use anomaly detection tools: These could be free or enterprise-grade online threat intelligence tools that help identify risk signals, such as a breached password or a higher than usual number of failed authentication attempts.

Never share accounts and passwords, and remove redundant accounts: Whilst this seems like common sense, it's surprising how many privileged accounts are shared in a business in the name of convenience, and how many user accounts retain privileged access even though that person left the organisation months or years ago.
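Tip 4 above names a higher than usual number of failed authentication attempts as a risk signal. As an added example that is not part of the original post, the Python below reads constructed authentication log lines (the line format, the source IP addresses, the usernames and the thresholds are all assumptions) and flags a source that produces many failures spread across many distinct usernames within a short window. That spread across usernames is what distinguishes credential stuffing, where each leaked pair is tried once, from a single user mistyping their own password; any successful login from a flagged source is then listed as an account to review.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample log lines for illustration only (not real data).
# Line format "<timestamp> <event> user=<name> src=<ip>" is an assumption.
# 198.51.100.7 sprays one attempt each across many accounts (one succeeds);
# 203.0.113.42 is one user fumbling their own password, then logging in.
SAMPLE_LOG = """\
2021-02-10T09:00:01Z login_failed user=alice src=198.51.100.7
2021-02-10T09:00:02Z login_failed user=bob src=198.51.100.7
2021-02-10T09:00:02Z login_failed user=carol src=198.51.100.7
2021-02-10T09:00:03Z login_failed user=dave src=198.51.100.7
2021-02-10T09:00:03Z login_failed user=erin src=198.51.100.7
2021-02-10T09:00:04Z login_ok user=frank src=198.51.100.7
2021-02-10T09:00:05Z login_failed user=grace src=198.51.100.7
2021-02-10T09:00:05Z login_failed user=heidi src=198.51.100.7
2021-02-10T09:00:06Z login_failed user=ivan src=198.51.100.7
2021-02-10T09:00:06Z login_failed user=judy src=198.51.100.7
2021-02-10T09:00:07Z login_failed user=mallory src=198.51.100.7
2021-02-10T09:00:07Z login_failed user=niaj src=198.51.100.7
2021-02-10T09:01:00Z login_failed user=olivia src=203.0.113.42
2021-02-10T09:01:30Z login_failed user=olivia src=203.0.113.42
2021-02-10T09:02:00Z login_failed user=olivia src=203.0.113.42
2021-02-10T09:02:20Z login_ok user=olivia src=203.0.113.42
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>login_failed|login_ok) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_line(line):
    """Parse one log line into a dict, or return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts, "event": m["event"], "user": m["user"], "src": m["src"]}


def detect_stuffing(log_text, window=timedelta(minutes=5),
                    max_failures=10, min_distinct_users=5):
    """Flag sources whose failures in a sliding window exceed both thresholds.

    Returns (flagged, hits): flagged maps source IP -> counts at the time of
    the last failure; hits lists usernames that logged in successfully from a
    flagged source, i.e. accounts where a leaked password may have worked.
    Thresholds are assumed values; tune them to your own login volume.
    """
    events = [e for e in (parse_line(ln) for ln in log_text.splitlines()) if e]
    events.sort(key=lambda e: e["ts"])
    recent = defaultdict(list)   # src -> [(ts, user)] failures inside the window
    flagged = {}                 # src -> {"first_seen", "failures", "distinct_users"}
    for e in events:
        if e["event"] != "login_failed":
            continue
        bucket = recent[e["src"]]
        bucket.append((e["ts"], e["user"]))
        cutoff = e["ts"] - window
        while bucket and bucket[0][0] < cutoff:   # expire failures outside the window
            bucket.pop(0)
        distinct = {u for _, u in bucket}
        if len(bucket) >= max_failures and len(distinct) >= min_distinct_users:
            flagged.setdefault(e["src"], {"first_seen": bucket[0][0]})
            flagged[e["src"]].update(failures=len(bucket), distinct_users=len(distinct))
    # Successes from a flagged source are reviewed after the fact, so a hit that
    # landed before the threshold was crossed (frank above) is still reported.
    hits = sorted({e["user"] for e in events
                   if e["event"] == "login_ok" and e["src"] in flagged})
    return flagged, hits


if __name__ == "__main__":
    flagged, hits = detect_stuffing(SAMPLE_LOG)
    for src, info in flagged.items():
        print(f"{src}: {info['failures']} failures across "
              f"{info['distinct_users']} users since {info['first_seen'].isoformat()}")
    print("accounts to review:", hits)
```

The single-user source with three failures on its own account never trips the distinct-user threshold, which keeps ordinary forgotten-password noise out of the alert; in production the same logic would run over a real authentication log, and a flagged source is a candidate for rate limiting or a step-up to 2FA rather than an outright block, since stuffing traffic is often spread across many addresses.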

This type of cyber-attack can be quite effective, with hackers obtaining unfettered access to critical accounts and getting at your data months before you know you have a breach.

Implementing an information security framework such as ISO27001 can help reduce the risk of these and many other cyber-attacks happening in the first place.
