Last month, internet registry RIPE NCC reported a ‘credential-stuffing’ attack that affected its single sign-on (SSO) platform, RIPE NCC Access. According to RIPE, though no SSO accounts have been reported compromised so far, the attack caused some downtime. The attack seems to have been discovered and mitigated in time, and steps are being taken to improve security.
The RIPE NCC (Network Coordination Centre) serves as the regional registry for the Middle East, Central Asia, and Europe. The organization consists of various renowned corporations, telecommunications organizations, and service providers from nearly 75 countries. It provides global internet resources and related services, including IPv4, IPv6, AS Number resources, and more.
About the RIPE NCC Credential-Stuffing attack:
News of the attack on RIPE NCC came on the 18th of February, when the organization declared that it had been the victim of a targeted attack on its Access tool. The attack affected the networks, causing them to go offline.
During credential-stuffing attacks, attackers leverage account credentials to access victims' accounts. They employ software to compromise accounts by ‘stuffing’ a huge number of credential combinations at high velocity into sign-in pages.
Already one of the most common attacks, credential stuffing has become increasingly common in the past years. Big organizations like The North Face, Spotify, and Dunkin Donuts have been among those hit. Such breaches have a higher success ratio, and the databases leaked in them are widely available.
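Seen from the defender's side, the pattern described above (many different accounts tried from one source in a short time, mostly failing) can be picked out of sign-in logs. The following is an added example, not code from RIPE NCC or the original article; the log format, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: "timestamp source_ip username result"
SAMPLE_LOG = """\
2024-01-01T10:00:00 198.51.100.7 alice FAIL
2024-01-01T10:00:01 198.51.100.7 bob FAIL
2024-01-01T10:00:01 203.0.113.9 carol FAIL
2024-01-01T10:00:02 198.51.100.7 carol FAIL
2024-01-01T10:00:03 198.51.100.7 dave OK
2024-01-01T10:00:04 203.0.113.9 carol FAIL
2024-01-01T10:00:04 198.51.100.7 erin FAIL
2024-01-01T10:00:05 198.51.100.7 frank FAIL
2024-01-01T10:00:08 203.0.113.9 carol OK
2024-01-01T10:00:10 192.0.2.4 alice OK
2024-01-01T10:00:12 192.0.2.4 bob OK
2024-01-01T10:00:15 192.0.2.4 erin OK
2024-01-01T10:00:20 192.0.2.4 frank OK
2024-01-01T10:00:25 192.0.2.4 grace OK
"""

def parse(line):
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result == "OK"

def detect_stuffing(lines, window=timedelta(seconds=60),
                    min_users=5, max_success_ratio=0.2):
    """Return {source_ip: peak distinct usernames} for sources that try many
    different accounts inside one sliding window while mostly failing."""
    recent = defaultdict(deque)   # per-source events inside the window
    flagged = {}
    for line in lines:
        ts, ip, user, ok = parse(line)
        q = recent[ip]
        q.append((ts, user, ok))
        while ts - q[0][0] > window:          # drop events older than the window
            q.popleft()
        users = {u for _, u, _ in q}
        successes = sum(1 for _, _, s in q if s)
        # One user retrying (203.0.113.9) has too few distinct usernames;
        # a shared office address (192.0.2.4) has too many successes.
        if len(users) >= min_users and successes / len(q) <= max_success_ratio:
            flagged[ip] = max(flagged.get(ip, 0), len(users))
    return flagged

if __name__ == "__main__":
    print(detect_stuffing(SAMPLE_LOG.splitlines()))
```

A per-source rule like this misses attempts spread across many addresses, so it complements rather than replaces the two-factor authentication discussed below.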
Two-factor authentication:
RIPE has suggested that all account holders employ two-factor authentication to ensure greater safety of their accounts. Though the incident was mitigated in time, RIPE NCC said that they have been taking steps to “protect them better from similar threats in the future.” With two-factor authentication, users will be required to enter a one-time code to access their accounts, making them more secure.
They also suggested that password reuse be discouraged and that companies rely on two-factor authentication to mitigate the risk for those who reuse old passwords. Having only passwords protecting sensitive data can put the safety of these accounts at risk. Using two-factor authentication can keep users secure from many cybersecurity threats, including credential-stuffing attacks.
Fortunately, no account has been reported to have suffered data loss in this incident, but the investigation is still underway. RIPE NCC says that if any accounts are later found to have been affected by the attack, the account holders will be informed.