Defense against Password List Attacks (account list attack) | jamhelper
Password List Attacks (list type account hacking)
An attacker tries to log in to more than one website using IDs and passwords obtained illegitimately from other websites.
Many users reuse the same ID and password across multiple Internet services.
Taking advantage of that …
IDs and passwords that were illegally obtained are used on websites around the world, and monetization of points and theft of personal information occur.
Source: JPCERT/CC, “STOP!! Password reuse!!”, a call for preventing unauthorized login by password list attacks
https://www.jpcert.or.jp/pr/2014/pr140004.html
Because the ID and password are already known to the attacker, logins do not fail continuously.
Detection and prevention are very difficult because the login succeeds within about 1-2 attempts, the same as normal access.
Power of list-type account hacking (list-type attack)
Website managers are required to consider countermeasures against password reuse.
If an information leak is caused by neglecting these measures, it does not end with “damages” alone.
Income also decreases because of recovery activities, loss of brand image, and customer cancellations.
90% of users reuse passwords.
A “warning” alone is not enough. It is very important to protect against unauthorized access.
Actual condition of list-type account hacking (list-type attack)
The “cost-effectiveness” of the services provided is very important.
Against advanced attacks, introducing a “WAF” is essential.
However, published cases show that cutting off short-time access by the same user is effective.
Countermeasures against list-type account hacking
Countermeasures against list-type account hacking by the Ministry of Internal Affairs and Communications of Japan
The Ministry of Internal Affairs and Communications of Japan has published ‘Countermeasures against unauthorized login by list-type account hacking’ (2013/12/18).
Blocking communication when login requests from a particular IP address exceed a threshold is cited as an effective countermeasure.
●Countermeasures against list-type account hacking: overview and detail
Source: “Countermeasures against unauthorized login by list-type account hacking (collection of measures for website administrators such as Internet service providers)” (Ministry of Internal Affairs and Communications)
(http://www.soumu.go.jp/menu_news/s-news/01ryutsu03_02000063.html)
(Accessed December 28, 2014)
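As an added example (not code from jamhelper or from the Ministry's document), the Python code below runs a per-account failure lockout and the per-IP request threshold cited above over the same constructed login events. The lockout limit of 3, the threshold of 10 requests per 60 seconds, and all IP addresses and account names are assumptions for illustration.

```python
from collections import defaultdict, deque

# Constructed sample events: (unix_time, source_ip, account_id, success).
# One source tries 12 different accounts once each, as in a list attack;
# a second source is an ordinary user who mistypes a password twice.
EVENTS = [(1000 + i, "198.51.100.7", f"user{i:02d}", i % 5 == 0) for i in range(12)]
EVENTS += [(1003, "203.0.113.20", "alice", False),
           (1009, "203.0.113.20", "alice", False),
           (1015, "203.0.113.20", "alice", True)]
EVENTS.sort()

def per_account_lockouts(events, max_failures=3):
    """Lock an account after max_failures consecutive failed logins (assumed limit)."""
    failures, locked = defaultdict(int), set()
    for _, _, account, ok in events:
        failures[account] = 0 if ok else failures[account] + 1
        if failures[account] >= max_failures:
            locked.add(account)
    return locked

def per_ip_blocks(events, threshold=10, window=60):
    """Block an IP once it sends more than `threshold` login requests within
    `window` seconds (assumed values). Successful logins are counted too,
    because list-attack logins often succeed on the first try."""
    recent, blocked = defaultdict(deque), {}
    for ts, ip, _, _ in events:
        if ip in blocked:
            continue                      # already cut off
        q = recent[ip]
        q.append(ts)
        while q and q[0] <= ts - window:  # drop requests outside the window
            q.popleft()
        if len(q) > threshold:
            blocked[ip] = ts              # time at which the block starts
    return blocked

if __name__ == "__main__":
    # Each attacked account sees only one attempt, so no lockout fires.
    print("locked accounts:", per_account_lockouts(EVENTS))
    # Counting requests per source IP catches the burst.
    print("blocked IPs:", per_ip_blocks(EVENTS))
```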
Countermeasures at the application layer are difficult in terms of performance and operations, but they are feasible with the introduction of jamhelper.
Damage caused by list-type account hacking
The trend in the number of companies damaged by list-type account hacking (list-type attack), aggregated by JPCERT/CC from published information, is as follows.
(April 2013 onward)
Source: JPCERT/CC, “STOP!! Password reuse!!”, a call for preventing unauthorized login by password list attacks
https://www.jpcert.or.jp/pr/2014/pr140004.html