Akamai Diversity

The Akamai Blog

Defend Against Web Application Account Takeovers

Akamai Security Researcher Or Katz was recently published at InfoSecurity talking about how to defend against web application account takeovers with cloud security intelligence.

Or writes: 

One of the most important and yet challenging aspects of defending web applications is the ability to prevent account takeover attacks.

Once taken over, the potential damage can include losing access and control over the account, data breach and even fraudulent transactions. So why is account takeover prevention is so challenging? A recent article discussing the massive data breach of Alibaba Group's website Taobao, a Chinese e-commerce website for online shopping, may offer a potential answer:

"Taobao, China's largest online marketplace that operates in a similar fashion to eBay and Amazon, has been hit with an attempted cyber-attack as hackers successfully compromised more than 20 million user accounts linked with the service. The hackers, who have already managed to amass a vast database of 99 million usernames and passwords from a number of Chinese websites unrelated to Taobao, eventually discovered that a significant amount of the data matched active user accounts on the popular ecommerce website."

To read more, please visit: