This post was originally published here by (ISC)² Management.
Bad bots make up more than one third of internet traffic, and although some of them try to influence elections and feed conflict on social media, most are targeting business websites, according to a newly published report.
Set loose across the internet, armies of bad bots constantly carry out a multitude of misdeeds against businesses in just about every industry. Their activities include price scraping on behalf of competitors looking to gain an upper hand in price-driven search results, stealing proprietary content, taking over accounts with stolen credentials, perpetrating credit card fraud, skimming money from gift card accounts and executing DDoS (distributed denial of service) attacks.
In 2017, bad bot internet traffic grew 9.5 percent to about 22 percent of all traffic, primarily targeting industries such as gambling, airlines, finance, healthcare and retail, according to the 2018 Bad Bot Report published by Distil Networks.
“Bad bots interact with applications in the same way a legitimate user would, making them harder to detect,” according to the report. “Bots enable high-speed abuse, misuse, and attacks on your websites and APIs. They enable attackers, unsavory competitors, and fraudsters to perform a wide array of malicious activities.”
See No Evil
Fighting bad bots is time-consuming and challenging. Their origins are difficult to determine, and if an organization attempts to take legal action against perpetrators, it will likely run into roadblocks. Such action is costly and if the bot operators are in a different country, legal action may prove futile.
Businesses often ignore bots because they don’t understand the damage they cause. While a business turns a blind eye, bots could be stealing valuable intellectual property, breaking into user accounts or carrying out some other mischief. Any of these activities can cause financial losses, incur mitigation costs and hurt a company’s reputation once a breach becomes public.
Cybersecurity teams cannot afford to ignore bad bots, considering that, according to Distil Networks, “every business with an online presence is regularly bombarded by bad bots.” As such, every company needs a plan to deal with this cyber nuisance.
The bad bot report includes a set of recommendations for businesses to protect themselves. Bad bots target different businesses and industries for different reasons, so there is no single solution for the problem.
However, here are some measures you can take:
- Block outdated user agents and browsers
- Block suspicious hosting and proxy services
- Monitor traffic sources to spot bot activity
- Investigate traffic spikes generated by a suspicious single source
- Keep an eye on every bot access point, including websites and mobile apps
- Monitor for failed login attempts and failed validation of gift card numbers
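As an added illustration that is not part of the original post or the report, the following Python script applies three of the measures above (outdated user agents, a single-source traffic spike, and repeated failed logins) to constructed web-server access-log lines; the browser version cut-offs, the spike share and the failed-login limit are assumed values, not figures from the report.

```python
import re
from collections import Counter
# Parser for the combined access-log format (the sample lines below are constructed).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')
# Hypothetical "outdated" cut-offs: a browser family below this major version is flagged.
OUTDATED_MAJOR = {"Firefox": 52, "Chrome": 60, "MSIE": 11}
UA_RE = re.compile(r'(Firefox|Chrome|MSIE)[/ ](\d+)')

def is_outdated_ua(ua):
    """True if the User-Agent names a known family at a major version below the cut-off."""
    return any(int(major) < OUTDATED_MAJOR[fam] for fam, major in UA_RE.findall(ua))

def analyze(log_text, spike_share=0.5, failed_login_limit=5):
    """Apply three of the listed measures to access-log text: flag sources using
    outdated browsers, a single source producing a traffic spike (>= spike_share of
    all parsed requests), and repeated failed logins from one source."""
    requests, failed_logins, outdated, total = Counter(), Counter(), set(), 0
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # ignore lines that do not parse
        total += 1
        ip = m["ip"]
        requests[ip] += 1
        if is_outdated_ua(m["ua"]):
            outdated.add(ip)
        if m["method"] == "POST" and m["path"] == "/login" and m["status"] in ("401", "403"):
            failed_logins[ip] += 1
    return {
        "outdated_ua": outdated,
        "single_source_spike": {ip for ip, n in requests.items() if n / total >= spike_share},
        "failed_logins": {ip for ip, n in failed_logins.items() if n >= failed_login_limit},
    }

def _line(ip, method, path, status, ua):
    return f'{ip} - - [10/Jun/2018:12:00:00 +0000] "{method} {path} HTTP/1.1" {status} 512 "-" "{ua}"'

OLD_UA = "Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0"
NEW_UA = "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 Chrome/66.0.3359.139 Safari/537.36"
# Constructed sample: a login burst from an old browser, one normal visitor, one source
# hammering product pages, and one unparseable line.
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.10", "POST", "/login", 401, OLD_UA) for _ in range(6)]
    + [_line("198.51.100.7", "GET", "/", 200, NEW_UA)]
    + [_line("192.0.2.99", "GET", f"/product/{i}", 200, NEW_UA) for i in range(12)]
    + ["this line is not in access-log format"])
```

Running `analyze(SAMPLE_LOG)` flags 203.0.113.10 for both the outdated browser and the failed logins, and 192.0.2.99 as a single source generating most of the traffic.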
Data and People
Understanding how bad bots operate, and what they are after, is crucial to figuring out how to fight them. It takes a combination of technology, security best practices and well-crafted policies to address bad bots, as is the case with most cybersecurity challenges.
In our report “Hiring and Retaining Top Cybersecurity Talent,” published this spring, (ISC)² found that the ability to “protect people and data” is one of the most important attributes cybersecurity jobseekers look for when evaluating a potential new employer. Effective bad bot protection fits into that mission – and may be something jobseekers take into account before accepting an offer.