Sharp rise seen in attacks using stolen credentials

The attacks have been beating fraud detection systems

Organizations are seeing a sharp increase in attacks using stolen account credentials, with crooks using new techniques to beat fraud detection systems, according to Gartner.

Gartner clients have reported a "significant rise" over the last two months in the use of stolen credentials to access accounts, wrote fraud expert Avivah Litan in a blog post Thursday.

The hackers are trying to access systems related to credit cards and financial data, digital currency, travel rewards and high-end fashion -- "anything and everything that has monetary or resale value," Litan wrote.

The type of attack is not new, but the methods are making it more difficult to detect.

Sweeping attacks that try out thousands of stolen account credentials are usually detected and blocked quickly. But the fraudsters are going in low, slowing the pace of attacks and distributing attempts to gain access through a large number of computers.

"The average online retail attack will only use an IP address 2.25 times now before moving on to the next IP address," Litan wrote.

Account credentials may be tried only once or twice an hour from different endpoints on a botnet over days or weeks, a technique that makes the attempts appear less suspicious and harder to identify.

Other times, the fraudsters use networks associated with popular cloud services whose IP addresses are not considered malicious and will not be blocked, she wrote.

Device fingerprinting, a technique that involves mimicking certain parameters of a device to evade detection, is also slipping under the radar. Fraudsters who know a person's credit card details will try to access a service from an IP address in approximately the same geographic area that they live, for instance.

The account credentials used in the attacks are likely being obtained from data breaches at major services. Litan cited the discovery of a gang likely based in Russia called CyberVor that amassed 1.2 billion login credentials and 500 million email addresses from a variety of services.

The discovery was made by Hold Security, a Wisconsin-based firm that also detected major data breaches at Adobe and Target. Many observers shrugged off the discovery and questioned Hold's motives rather than "confronting the gravity of this finding," Litan wrote.

For companies trying to defend their properties, Litan said there are security systems on the market that can beat some of the new techniques. They include cloud-based systems that aggregate the metadata for IP addresses and devices used for transactions, and "deflection," a technique that scrambles website code and makes it harder for attackers to identify weak weak points.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Gartner

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?