Forged sign ups, cred stuffing are top threats to digital IDs

The exponential rise of fraudulent registration, credential stuffing attacks, and the widespread use of breached credentials are currently the key areas of concern for security professionals tasked with managing digital identities, according to Okta.

Data from across the world gathered through Okta Customer Identity Cloud, powered by Auth0, show that, first, fraudulent registrations are an ever-present and growing threat.

In the first 90 days of 2022, Okta observed almost 300 million fraudulent account creation attempts, accounting for about 23% of signup attempts, up from 15% in the same period last year. 

Energy/utilities and financial services experienced the highest proportion of signup attacks, with such threats accounting for most of the registration attempts in those two industries.

Second, credential stuffing is on a record pace and are the most common threats to retail/e-commerce (more than 80% login activity), financial services and entertainment verticals. 

In the first 90 days of 2022, the platform detected almost 10 billion credential stuffing events, representing some 34% of overall traffic or authentication events. In Southeast Asia, which was buoyed by several large-scale attacks, credential stuffing accounts for the majority of identity events. 

Third, threat actors are targeting multi-factor authentication (MFA). In the Asia-Pacific region, MFA bypass attacks are responsible for more events than signup attacks. Because of its proven merits, more application and service providers are recommending or requiring MFA. 

As attackers become more sophisticated at targeting this important defensive measure, it’s critical that MFA be implemented correctly and that strong secondary factors are chosen.

And fourth, every company faces unique challenges. The threats facing any particular application or service vary enormously by geography, industry, and brand prominence, among other factors. 

At the same time, different organisations have different risk appetites and exposures. The appropriate level of friction introduced by security measures will therefore vary on a company-to-company basis. 

“Digital transformation will continue to be high on the priority list for many organisations, and a reliable CIAM (customer identity and access management) could help businesses combat account takeover to protect consumers and businesses while boosting seamless consumer experience,” said Ben Goodman, SVP and general manager of Okta in for Asia-Pacific and Japan. 

“The first step towards implementing CIAM securely is to understand why and how adversaries are attacking these customer-oriented businesses,” said Goodman. 

As attackers focus greater attention on targeting identity systems and evolving their tactics, techniques, and procedures (TTPs), the report highlighted that it is essential for application and service providers to  implement defense-in-depth tools that work in combination across the user, application, and network layers; and to continually monitor their applications for signs of attacks and changes in TTPs.

They are also advised to make adjustments (tune parameters, tighten restrictions, introduce new tools, etc.) as needed. Leaders across these functions should work together to implement CIAM in a manner that balances quality of customer experience and system security, in the context of desired use cases, customer types, data types, industry-specific risks, and risk appetite. 

“Trust between customers and organizations is sacred and hard-earned, therefore it is crucial to make identity security a board-level issue,” said Goodman. “Placing identity security at the core of your business will allow your workers to focus on innovation, collaboration, and productivity while reducing overall identity-related risk.”