The threat of bad bots — and what to do about them
If you think that humans are the primary users of the internet, think again! As it turns out, more than half of all online traffic is generated by bots. This refers to software applications of varying complexity which run automated tasks/scripts online. Many of these bots perform beneficial actions. For instance, “web crawlers” or “search engine spiders” travel all over the internet indexing the content of different websites so that they can appear in search engine results. Wikipedia, meanwhile, utilizes bots for tasks that range from safeguarding encyclopedia pages against vandalism to suggesting possible content improvements. So far, so useful.
Not all bots are good, however. In fact, if you’ve heard the term “bot” used over the past several years, there’s a high likelihood that it had a negative connotation associated with it — for example, the automated social media accounts that are used for sharing links to fake news.
What good and bad bots share in common is that they allow automated actions to be taken on behalf of the individual or individuals deploying the bot. These are typically repetitive, step-by-step tasks which could theoretically be carried out by a person, but would be difficult to perform at the kind of scale necessary — such as monitoring all 6.3 million pages on English language Wikipedia to see if the pages have been defaced by users.
For cyber criminals, as for legitimate users, bots can help ramp up the number of ways that they carry out attacks, while freeing up their time to focus on tasks like seeking out software flaws they can exploit or breaching confidential data. Bot attacks also have the added benefit of speed, since attacks can be carried out immensely rapidly, far faster than a human would be able to execute such an attack. For those without the proper bot mitigation tools, the results can be extremely nasty.
Bad bots as a service
Unfortunately, cyber criminals’ jobs are getting easier. Previously, attackers would need to possess the skills to execute cyber attacks themselves. Today, the rise of “bots as a service” solutions means that the acquisition of bots can be outsourced for use by cyber criminals who want to carry out malicious actions, but do not necessarily have the technical skills in order to do so.
Bots as a service operate on the same type of subscription model as legitimate subscription services like Netflix or Spotify. Just as subscribers to those two services pay a regular sum of money in order to access them, so too do bots as a service allow attackers to access malicious bots, complete with various levels of service and price on offer.
These bots can be used for a variety of criminal purposes — including checkout fraud (something that can represent up to 30 percent of traffic on ecommerce sites), user data theft, carding fraud, account takeover, scalping, and much more.
One of the biggest bot-driven threats organizations face are Distributed Denial of Service (DDoS) attacks, in which large “botnets,” consisting of thousands of infected, internet-connected devices, are used as Manchurian Candidates to bombard a website or internet service with enormous amounts of fake traffic.
The goal is to overwhelm it with this fraudulent traffic so as to knock it offline or sufficiently impair its speed of operation that it is rendered inaccessible to legitimate users. Such attacks are continuing to get larger and longer-lasting all the time, and serve as a devastating testimony to the power of malicious bots online. The effects of all of the attacks mentioned above can range from financial damage to reputational damage inflicted on victims. As with other bad bot attacks, DDoS botnets can also be hired as a service — for as little as a few bucks at a time.
Protecting against bad bots
Thankfully, the tools exist to help protect against these bot attacks. Advanced bot protection tools can be used to secure access points and analyze bot traffic so as to identify anomalies. Using machine learning and other AI tools, these safeguarding cyber security measures can recognize bad bot behavior in real-time, and take action to protect against them. The results are that organizations running websites and services can feel reassured that their systems are not going to be the victim of malicious bot-driven attacks.
Good bots are a game-changer in all kinds of positive ways. But bad bots pose an enormous problem for businesses and users alike. Not properly kept in check, bad bot traffic can evolve far beyond being a simple nuisance (such as spamming web pages) to a major threat that can be crippling in its effects. Ensuring that you mitigate this malicious bad bot traffic is an essential step in protecting vital infrastructure and establishing a secure internet. That should be a top priority for all involved.