14 DAY TRIAL // More and more businesses are infiltrated by malicious and increasingly difficult to detect bots, according to Cybernews. This is particularly affecting retailers who had to expand their online presence to meet the needs of their customers.
According to Netacea, a company that specializes in detecting and mitigating bot activity on websites, approximately 500 businesses based in the United States and the United Kingdom from various industries, including travel, entertainment, e-commerce, financial services, and telecommunications, were evaluated. The businesses that took part in the poll had revenues ranging from $350 million to over $7 billion.
Two-thirds of businesses realized their websites were attacked by automated bots. Approximately 46% of respondents stated that they have been targeted by mobile apps, and 23%, especially from the financial services industry, claimed to have been targeted by bots (computer programs).
Based on current estimates, bots controlled by malevolent actors cost businesses 3.6% of their annual income. Businesses in the worst-hit 25% might stand to lose a quarter of a billion dollars every year if their operations are not properly managed.
The time delay between an attack and detection is concerning
Netacea stated, “The biggest problem for most businesses is account checker bots that use breached passwords to take over accounts through the credential stuffing, though sniper bots, scalper bots, and scraper bots are not too far behind,” adding that the delay between an attack and its detection is another worry in the cybersecurity sector. It takes 14 weeks for an attack to be detected, meaning that threat actors can go unnoticed for months, according to Netacea’s experts.
Bots were categorized by Netacea into the following categories:
- Scraper bots that collect massive volumes of data from websites.
- Account checker bots that employ leaked username/password combo lists to test a website also known as credential stuffing attack that uses reused passwords.
- Sniper bots that watch time-based activity and submit information at the final possible minute, preventing other individuals from responding.
- Buy-limited goods bots that automate the process of buying limited goods such as event tickets, completing the checkout procedure faster than a genuine customer.