From January 2018 through June 2019, Akamai recorded more than 61 billion credential stuffing attempts and more than 4 billion web application attacks. Today, we're releasing a special edition of the State of the Internet/ Security report that focuses on data within the high tech, video media, and entertainment sectors -- collectively named Media & Technology.
These three industries accounted for nearly 35% of all credential stuffing attacks during this time period. Along with a deep dive into this data, Jaspal Jandu, the CISO of DAZN, is featured in this report as our guest author, talking about some of the challenges that face the media industry today.
SQL Injection (SQLi) remained the top attack vector during the 18-month window, with more than 70% of attacks, followed by Local File Inclusion (LFI) at 19.3%, Cross-Site Scripting (XSS) at 3.9%, PHP Injection at 3.3%, and Remote File Inclusion (RFI) at less than 1%.
Top targets for credential stuffing attacks during the 18-month window were the United States, India, Canada, Singapore, and Australia. The companies tied to these locations include some of the world's top brands in the Media & Technology space.The top sources for credential stuffing attacks included the United States, Russia, Canada, Germany, and India.
To dig deeper into the latest SOTI, head to the full report!