Protection against bots
Here are nine recommendations to help stop bot attacks.
Block or CAPTCHA outdated user agents/browsers. ...
Block known hosting providers and proxy services. ...
Protect every bad bot access point. ...
Carefully evaluate traffic sources. ...
Investigate traffic spikes. ...
Monitor for failed login attempts.
Separate from rate limiting and direct engineer intervention, the easiest and most effective way to stop bad bot traffic is with a bot management solution. A bot management solution can leverage intelligence and use behavioral analysis to stop malicious bots before they ever reach a website.
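Two of the recommendations above (outdated user agents and failed login attempts) can be checked directly against web server access logs. The following is an added example, not code from the original page; the combined log format, the /login path, the Chrome version cutoff and the failure threshold are all assumptions, and the log lines are constructed.

```python
import re
from collections import Counter

MIN_CHROME_MAJOR = 100   # assumed cutoff: older Chrome majors count as outdated
MAX_FAILED_LOGINS = 3    # assumed threshold per client IP within the log window
LOGIN_PATH = "/login"    # assumed login endpoint

# Combined log format: ip ident user [time] "METHOD path proto" status size "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
CHROME_RE = re.compile(r"Chrome/(\d+)\.")

def ua(major):
    # Constructed user-agent string carrying the given Chrome major version.
    return f"Mozilla/5.0 (X11; Linux x86_64) Chrome/{major}.0.0.0 Safari/537.36"

def line(ip, method, path, status, agent):
    # Constructed access-log line, not real traffic.
    return (f'{ip} - - [12/Mar/2024:10:00:00 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 512 "-" "{agent}"')

SAMPLE_LOG = "\n".join(
    [line("203.0.113.7", "POST", "/login", 401, ua(49))] * 4
    + [line("198.51.100.20", "POST", "/login", 401, ua(122)),
       line("198.51.100.20", "POST", "/login", 200, ua(122)),
       line("192.0.2.55", "GET", "/products", 200, ua(62)),
       "truncated line that does not parse"]
)

def analyze(log_text):
    failed, outdated = Counter(), set()
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip malformed lines rather than guessing at fields
        version = CHROME_RE.search(m["ua"])
        if version and int(version.group(1)) < MIN_CHROME_MAJOR:
            outdated.add(m["ip"])  # candidate for block or CAPTCHA
        if (m["method"] == "POST" and m["path"] == LOGIN_PATH
                and m["status"] in ("401", "403")):
            failed[m["ip"]] += 1
    return {
        "outdated_user_agent": sorted(outdated),
        "failed_login_alert": sorted(
            ip for ip, n in failed.items() if n >= MAX_FAILED_LOGINS),
    }

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```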
More business is done online than ever before, which means bot attacks are up and the stakes for businesses keep rising. In 2019, bots accounted for over half of all automated web traffic and nearly a quarter of all internet traffic. Organizations are aware of the growth in bot attacks and the need to defend against them. However, most organizations recognize they are not prepared to protect against bot and malicious automated attacks. Google commissioned Forrester Consulting to evaluate bot management approaches in order to help our customers protect against online fraud and abuse. Today, we share our findings from the research, including the most prevalent attacks targeting businesses and how to protect against them.
Businesses understand the impending threat of bot attacks, but acknowledge they are not yet prepared for them.
In our research, we see that 84% of companies saw an increase in the number of bot attacks over the last year. The transformation of so many businesses into digital businesses due to COVID-19 increased the number of attacks; 71% of companies experienced an increase in the number of successful attacks, and 56% of companies reported seeing different types of attacks.
Despite being aware of the rise in bot attacks, most organizations are not prepared to fend them off. Most are not using the right combination of security products to protect against bots. 78% of organizations are using DDoS protection, WAF, and/or CDNs to manage bots; only 19% are currently using a full bot management system. DDoS protection, WAF, and CDNs are all important tools to protect web applications, but they do not sufficiently protect against bots. Bots attack an application’s business logic, and only a bot management solution can protect against that sort of threat. To effectively safeguard web applications from bot attacks, organizations must use tools like DDoS protection, WAF, and/or CDNs, alongside a bot management solution.
Organizations are also unprepared for bot attacks because they are not protecting themselves against the most important and common attacks. For example, only 15% of businesses are currently protecting themselves against web scraping attacks, yet 73% face these attacks on a weekly basis. 63% report losing between 1% and 10% of their revenue to web scraping attacks alone. On average, organizations are only protecting themselves against three different types of attacks — most commonly card fraud, ad fraud, and influence fraud attacks. Businesses need to take time to identify the most common attacks targeting them so that they can then put proper protection measures in place.
Most businesses are currently too siloed to come together to defend against bots.
Effective bot management relies on collaboration between many teams within an organization, including security, customer experience, e-commerce, and marketing. But on average, only two teams are involved in bot management, usually the application security and security operations teams. Yet, it’s the e-commerce, fraud, and network security professionals that most commonly consume the data from bot management tools. This disconnect can lead to the commerce or fraud teams being left out of critical bot management decisions.
Because there are so many stakeholders involved in bot management, organizations struggle to create a unified approach to deal with bots. The lack of a cohesive approach to manage and respond means that, on average, firms spend 424 hours — 53 working days — across roles resolving the situation after an attack. Consequently, this often means employee frustration is one of the biggest outcomes of bot attacks, creating even larger problems than lost revenue and customer trust. Spending almost two working months to resolve attacks means that employees spend too much time being reactive rather than proactive, and not enough time on strategic work.
Make strategic investments and organize to protect against bot attacks.