Cyber threats come in many different forms. Some of them involve spamming a victim’s server or network with Internet Protocol (IP) requests, whereas others involve the use of viruses or other types of malware. If your business has a sustained data breach in the past, though, it may be susceptible to credential stuffing. While not as common as distributed denial-of-service (DDoS) attacks and malware, credential stuffing often target businesses.
What is Credential Stuffing?
Credential stuffing is a cyber threat in which a hacker leverages a list of comprised account credentials to access an otherwise protected system. Account credentials, of course, are the main barrier of defense for systems such as networks, servers, databases and online accounts. To access a protected system, you’ll typically need to enter credentials, including a username and password. With credential stuffing, hackers have a list of stolen or comprised credentials, which they use to access a protected system.
How Credential Stuffing Works
To perform credential stuffing, hackers must first acquire a list of comprised account credentials. It’s known as a “credential stuffing” because it involves spamming a protected account with comprised credentials. The hacker will essentially spam the comprised credentials until he or she finds the right one for the system he or she is trying to breach. Therefore, hackers must first acquire a list of comprised account credentials.
Comprised account credentials can be acquired in the following ways:
- Keylogging malware
- Social engineering
- Hacked devices
Most instances of credential stuffing are automated. Hackers don’t manually enter each comprised credential. Rather, they use software that automatically attempts to use the credentials. The software will automatically enter the compromised usernames and passwords on behalf of the hacker.
Credential Stuffing vs Brute Force Cyber Attacks
Many people assume that credential stuffing is the same as a brute force cyber attack. After all, they are both two common cyber threats that involve a hacker trying to gain access to an otherwise protected system. With that said, credential stuffing is typically more concerning because of its use of comprised account credentials.
With a brute force cyber attack, hackers attempt to guess the credentials to a protected system. Credential stuffing is different in the sense that hackers use a list of comprised credentials. The hacker may now know the right username and password combination for a protected system. Nonetheless, he or she will attempt to access the protected system by spamming it with credentials from a list of comprised credentials.