Radware report highlights evolving strategies in credential stuffing attacks.

Radware has released findings indicating a trend shift in credential stuffing attacks from volume-based methods to complex, multi-step infiltrations. This change impacts how organizations approach cybersecurity strategies.

Report Overview

The report titled “The Invisible Breach: Business Logic Manipulation and Application Programming Interface Exploitation in Credential Stuffing Attacks” emphasizes that modern cyber threats now involve more than just basic password attacks. Companies are encouraged to reassess their security frameworks to manage risks more effectively.

Advanced Attack Methodologies

Analysis of 100 configurations reveals extensive use of business logic manipulation, with 94% deploying multiple elements of this kind. Furthermore, 83% leverage targeted Application Programming Interface (API) techniques, showing the sophistication of current methods.

• Notable is the orchestration of 13 or more distinct techniques within 54% of these configurations.
• Multi-device spoofing is also evident, with 24% of scripts switching between device types.

Primary Targets

Industries such as Technology/SaaS are increasingly becoming common targets, representing 27% of incidents reviewed, with financial services at 16% and travel at 13%. High-value online tools, particularly Artificial Intelligence (AI) solutions, are under threat, being targeted by 44% of attack scripts.

• Additionally, corporate tools like Microsoft 365 and OneDrive account for 30% of the sector focus.

Centralized Threat Landscape

The report highlights that a small number of advanced threat actors contribute to the majority of credential stuffing activities. Over half (51%) of configurations came from just three such groups, each with considerable experience in manipulating authentication processes.

Conclusion

This report provides a detailed examination of how credential stuffing techniques are evolving, emphasizing the need for businesses to tighten their security measures across all potential vulnerabilities. This summary reflects an important analysis of current cybersecurity trends relevant to IT leaders and decision-makers.