Pandemic Credential Stuffing: Cybersecurity's Ultimate Inside Job
Like most of us, hackers would prefer to do as little work as possible, and all too often, we serve as their accomplices.
While some of those engaged in cyberattacks still wield virtual hacksaws and decode complex pathways, just about every cyberthief seeks the path of least resistance. Credential stuffing is one of the names that that path goes by.
Credential stuffing takes basic brute-force attacks to another — one might say more efficient — level. It replaces bluntness and random strings not with finesse but with what amounts to inside information. Think of credential stuffing as less like picking a single lock than gaining possession of the master key. In the wake of a breach, any breach, login credentials suddenly become currency, eligible for use on other servers.
That's problematic enough during normal times. During the COVID-19 pandemic, the challenges have...