Sharply rising “credential stuffing attacks” in 2019 were directed at media companies, according to a new study from cybersecurity/cloud service company Akamai.
These credential attacks are targeted at low-profile websites by the digital thieves -- those where consumers reuse the same passwords across different websites. In turn, criminals then use the information on sites with more sensitive personal data.
Akamai says: “These attacks desire not only the commercial assets (new-release movies, original programming, television), but also the ancillary data on the account, such as personal and geographical information.”
These stuffing attacks have a higher success rate, the report adds.
Between January 2018 and December 2019, the media industry suffered 17 billion credential stuffing attacks, and 20% of 88 billion total global attacks were targeted at media companies.
The report says there has been a 63% year-over-year increase against the video media sector overall.
Drilling down in media categories, there was 630% increase year-over-year at broadcast TV network/TV station sites and a 208% rise at subscription- and advertising video-on-demand apps.
A sharp increase in on-demand media content attacks occurred in 2019, which was accelerated in late 2019, when Disney+ and Apple TV+ launched.