NEWS // Scenario

Sophisticated attacks on the rise and streaming industry targeted the most

Share

Sophisticated automated attacks emulate human behavior to evade detection. According to the data presented by the Atlas VPN team, 73% of attacks directed at the streaming industry were sophisticated. Furthermore, the stolen credential success rate has risen significantly during login attacks, meaning hackers took away more accounts.

Cybersecurity writer and researcher at Atlas VPN William Sword analyses the situation and shares his thoughts on sophisticated attacks.

“As internet security tools improve – Sward says – hackers need to come up with more advanced attack technologies as well. Sophisticated automated attacks emulate human behavior to evade detection. They can imitate human keystrokes and mouse movements. Such bots can trick standard bot-detection tools through human workers.

THE DATA
According to the data presented by the Atlas VPN team, 73% of attacks directed at the streaming industry were sophisticated. Furthermore, the stolen credential success rate has risen significantly during login attacks, meaning hackers took away more accounts.
The data is based on NuData Security report H1 2021: Fraud Risk at a Glance. Analysts collected the statistics for the report from January 1 - June 30, 2021.

FireShot Capture 031 -Proofpoint

The streaming industry was the most targeted with sophisticated attacks in the first half of 2021, as 73% of all threats were advanced. Due to the pandemic, usage of streaming services increased exponentially, meaning more people became vulnerable to cybercrime. Netflix is a prime target for distributing malware, stealing passwords, and launching phishing attacks.

Next up, 59% of sophisticated attacks were directed at the event ticketing industry. Inventory fraud, in which scalpers employed bots to buy massive quantities of goods for resale, has fueled the trend. Cybercriminals can make some serious cash by purchasing entire supplies of tickets in seconds and then reselling them for up to 50% of the price.

The exact rate — 59% of sophisticated attacks were also launched at the travel industry by hackers. Hackers utilize data on product pages like prices, availability, limited-time offers, user reviews, ratings, flight numbers, and much more. The scraped data is used for undercutting prices, imitating special deals, and copying or repurposing content.

The retail industry shared a similar percentage between sophisticated and basic attacks — 52% and 48%, respectively. On the other hand, basic cyberattacks dominated the financial and digital goods industries by targeting 87% and 91% each.

CREDENTIAL QUALITY IMPROVED
Most data hackers steal can be outdated or inaccurate, meaning that only a tiny number of credentials are usable. Even if the success rate is low, millions of hacked credentials could turn into a couple of thousand affected people.

Comparing H2 2020 and H1 2021, the most significant increase in credential success rate was in the streaming industry, going up from 0.19% to 29%. The second-biggest increase was seen in the event ticketing industry, where login success percentage went up from 3.95% to 16%.

FireShot Capture 032 - Proofpoint 600

Moreover, the retail industry also noticed a significant increase in credential success rate, rising from 1.18% in H2 2020 to 12% in H1 2021. However, travel, financial and digital goods industries barely had any changes or no increase at all in login success percentage.

The average credential quality jumped from a 2% success rate in 2020 to 9.9% in H1 2021. The growth could be attributed to several factors, such as a general increase in phishing attacks. Another reason is that hackers began targeting industries unprepared for the transition to the digital world during the pandemic or those that have not invested as much in security controls.

Advanced hackers nowadays deploy bots that can convincingly mimic human behavior and launch thousands of bots at once to overwhelm standard security systems. As cyberattacks get more sophisticated, it is not enough to use traditional security tools such as antivirus. Organizations should also employ bot protection services”, Sword ends.

by the Editorial Staff

13.10.2021


\\ Articoli correlati

Star System: alleati degli Installatori!

Star System è una realtà sempre in grande evoluzione e...

EN54 Voice Emergency: PASO and its safety route across Italy

Safety first: an important role is played by this motto in the PASO R&D department. The...

ELAN a Sicurezza 2021: novità e programmi

ELAN è stata tra le protagoniste a Sicurezza 2021. Cristiano Montesi,...

Follow us...