Attempts to hack into Singapore media sites more than double: Study

Singapore has an extremely high level of Internet usage, including mobile phone ownership among the citizenry, and the Republic's well-connected nature makes it a natural target for credential stuffing attacks, experts said.
Singapore has an extremely high level of Internet usage, including mobile phone ownership among the citizenry, and the Republic's well-connected nature makes it a natural target for credential stuffing attacks, experts said.PHOTO: BLOOMBERG

More than 137m malicious log-in attempts last year to access users' personal and financial details

Criminals more than doubled their attempts last year to hack into media websites here to access personal and financial details of users, a new study has reported.

In particular, Singapore's media sites were hit so often by "credential stuffing" attacks that it ranked 8th out of more than 130 countries surveyed by cyber security firm Akamai.

More than 137 million of such malicious log-in attempts were made on media sites last year - a huge spike from the 56 million attempts in 2018, according to the Credential Stuffing In The Media Industry report published last week.

Credential stuffing is the use of user login details stolen from one service or site, to log in to other unrelated sites in order to collect sensitive data such as credit card numbers and personal data that can be used in other attacks or scams.

Hackers use bots to run login details of users they obtain in large batches from places like the Dark Web, which is the black market of the Internet. Media sites like video streaming platforms, social media networks and online news portals were choice targets in such attacks.

"Consumers' accounts that contain personal and financial information are of particular interest to attackers," said Mr Siddharth Deshpande, director of security strategy at Akamai Technologies, on Friday.

"The media industry is one of the biggest targets of credential stuffing attacks, where cyber criminals realise the value of an account - whether it's to a streaming site, a game or someone's social media account," he added.

Experts The Sunday Times spoke to said Singapore's well-connected nature made it a natural target for credential stuffing attacks.

"The year-on-year percentage change as reported by Akamai and the change of 142 per cent for Singapore is not a surprise as the country is a highly connected node and has an extremely high level of Internet usage including mobile telephone ownership among the citizenry," said Mr K.K. Lim, head of cyber security, privacy and data protection at law firm Harry Elias Partnership.

Mr Bryan Tan, a lawyer specialising in technology law and data protection at Pinsent Masons MPillay, added that Singapore likely has a high subscribership to online media, which makes it an attractive target to hackers.

Akamai's research found that the credentials that hackers purchase to use when attempting to log in to media accounts are sold in bulk, which means that hackers can easily get their hands on such data.

This, coupled with the rapid growth of media consumption, is what makes the sector such an attractive target to hackers, said Mr Deshpande, who added that Akamai has noticed a 30 per cent surge in Internet traffic globally this year.

 
 
 

"The media industry is a prized target for criminals who are looking to trade in stolen information and access. These accounts are sold in bulk and the goal for the criminals is to move their goods by volume, rather than single account sales," he said.

Users of media accounts might already have fallen victim to such hackers without knowing it, said Mr Tan, who advised users to be vigilant if they get messages that their accounts are being accessed from places or parties not familiar to them.

"The loss, however, is on the media industry's part in the form of lost income as well as higher cost to stream the media where the login was malicious. It would be in the media industry's direct interest to take the steps to beef up their cyber security," he said.

Mr Lim advised that users should use two-factor authentication where it is offered. It provides an additional layer of security by requiring users to key in a code that is either sent to their mobile phones or generated by a token.

A version of this article appeared in the print edition of The Sunday Times on July 19, 2020, with the headline 'Attempts to hack into S'pore media sites more than double: Study'. Print Edition | Subscribe