Pandemic Credential Stuffing: Cybersecurity's Ultimate Inside Job

How stolen credentials for services like Zoom and password reuse practices threaten to compromise other accounts and applications.

Like most of us, hackers would prefer to do as little work as possible, and all too often, we serve as their accomplices.


While some attackers still bring out the virtual hacksaw and map complex paths into a network, just about every cyberthief prefers the path of least resistance. Credential stuffing is one of the names that path goes by.


Credential stuffing takes the basic brute-force attack to another, more efficient, level. It replaces blunt guessing of random strings not with finesse but with what amounts to inside information: username and password pairs already known to be valid somewhere. Think of it less as picking a single lock than as holding a master key. In the wake of a breach, any breach, the leaked login credentials become currency, ready to be replayed against other services wherever users have reused the same password.
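The difference between the two attacks is visible in authentication logs: a brute-force source hammers one account with many guesses, while a credential-stuffing source tries many distinct accounts once each and sees a handful of successes where passwords were reused. The detection logic below is an added example for this page, not code from the original article; the log format, the threshold values and the source addresses (RFC 5737 documentation ranges) are constructed for illustration, and the caveat that a high-success, many-user source is more likely a shared corporate NAT than an attacker is an assumption of the example.

```python
"""Classify login bursts per source IP as brute force vs credential stuffing.

Heuristic (an assumption of this example, not a rule from the article):
  - brute force:         many attempts concentrated on few accounts
  - credential stuffing: many distinct accounts, about one try each,
                         mostly failing, with a few reused-password hits
  - shared egress:       many distinct accounts but mostly succeeding,
                         i.e. a corporate NAT/VPN gateway, not an attacker
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Attempt:
    ts: int
    src_ip: str
    user: str
    ok: bool


def parse_line(line: str) -> Attempt:
    # Constructed log format for this example: "<epoch> <src_ip> <user> <OK|FAIL>"
    ts, ip, user, status = line.split()
    return Attempt(int(ts), ip, user, status == "OK")


def classify(attempts, min_attempts=20, stuffing_user_ratio=0.8,
             brute_user_ratio=0.2, max_success_rate=0.5):
    """Return {src_ip: verdict}. Threshold values are illustrative assumptions."""
    by_ip = defaultdict(list)
    for a in attempts:
        by_ip[a.src_ip].append(a)

    verdicts = {}
    for ip, rows in by_ip.items():
        n = len(rows)
        if n < min_attempts:
            verdicts[ip] = "normal"          # too little volume to judge
            continue
        user_ratio = len({r.user for r in rows}) / n   # 1.0 = every try a new account
        success_rate = sum(1 for r in rows if r.ok) / n
        if user_ratio >= stuffing_user_ratio:
            # Many accounts from one source: stuffing if it mostly fails,
            # otherwise more likely a shared corporate egress address.
            verdicts[ip] = ("credential_stuffing" if success_rate < max_success_rate
                            else "shared_egress")
        elif user_ratio <= brute_user_ratio:
            verdicts[ip] = "brute_force"     # volume focused on one or few accounts
        else:
            verdicts[ip] = "suspicious"      # mixed pattern, worth a look
    return verdicts


def analyze(lines):
    """Parse log lines, classify each source, and list accounts the stuffing
    sources actually got into (candidates for a forced password reset)."""
    attempts = [parse_line(l) for l in lines]
    verdicts = classify(attempts)
    compromised = sorted({a.user for a in attempts
                          if a.ok and verdicts.get(a.src_ip) == "credential_stuffing"})
    return verdicts, compromised


def build_sample_log():
    """Constructed sample log lines (not real data) in the format parse_line expects."""
    lines = []
    t = 1_600_000_000
    # Credential-stuffing source: 50 distinct accounts, one try each, two hits.
    for i in range(50):
        status = "OK" if i in (7, 31) else "FAIL"
        lines.append(f"{t + i} 203.0.113.7 user{i:02d} {status}")
    # Brute-force source: 50 guesses against a single account.
    for i in range(50):
        lines.append(f"{t + 100 + i} 198.51.100.9 admin FAIL")
    # Office NAT: 25 different employees all logging in successfully.
    for i in range(25):
        lines.append(f"{t + 200 + i} 192.0.2.100 staff{i:02d} OK")
    # Ordinary user: a typo followed by a correct login.
    lines.append(f"{t + 300} 192.0.2.20 carol FAIL")
    lines.append(f"{t + 301} 192.0.2.20 carol OK")
    return lines


if __name__ == "__main__":
    verdicts, compromised = analyze(build_sample_log())
    for ip, verdict in verdicts.items():
        print(f"{ip:<14} {verdict}")
    print("reset these accounts:", compromised)
```

In a real deployment the same grouping would be keyed on more than the source address (ASN, user agent, TLS fingerprint), since stuffing tools rotate through proxy pools precisely to stay under per-IP thresholds, and the accounts returned in `compromised` are the ones whose reused passwords have just been confirmed valid and should be reset and checked for follow-on activity such as mailbox forwarding rules.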


That is problematic enough in normal times. During the COVID-19 pandemic, the challenges have multiplied. Large-scale phishing campaigns and database dumps are under way at this writing. Risk is elevated because more users are working remotely and, unfortunately, are having a hard time spotting phishing emails. That leads to stolen credentials for services like Zoom and, thanks to password reuse, threatens to compromise other accounts and applications. It also feeds the increasingly pervasive and dangerous practice of business email compromise (BEC), where a single phished or dumped password can expose a user's full email history and give the attacker still more access to that user's personal and professional life.


Back in the day, hackers maintained word lists — likely or conceivable passwords — to use against a system or an account. Hitting paydirt was a time-consuming process that paid uncertain dividends. Wi ..
