As businesses rapidly incorporate digital initiatives to sustain their operations, the threat of bot traffic has the potential to hurt their reputation and affect their revenue.
In its latest report, Netacea found that automated bots can cost businesses as much as US $250 million a year. As per the report – ‘The Bot Management Review: What are the bots costing your business?’ wherein 440 companies across industries such as travel, ecommerce, entertainment, financial services and telecom, were surveyed – automated bots operated by threat actors can amount to an average of 3.6% of the annual revenue. For the 25% of worst-affected businesses, it is equal to nearly a quarter of the billion dollars.
The report further found that every sector has been facing a bot problem with nearly two-thirds of businesses detecting attacks on their websites. 46% of respondents described that mobile apps had been attacked and 23% in the financial sector reported that bots have been targeting their APIs.
Also Read: Cloud Security Lessons Learned from the Pandemic
Matthew Gracey-McMinn, Head of Threat Research, Netacea says, “The recent surge in bot attacks is the result of a feedback loop. We’ve seen (especially over lockdown) an increasing proportion of our lives being lived online and attackers wanting to exploit the online world for profit in malicious ways. Bots are very good at exploiting business logic so their operators can profit. These bots are fully automated and easy to use, they’re generally very cheap, and the risk of using them is generally pretty low. But the rewards are significant.”
With businesses forced to adapt to the digital business model, the ones operating on limited budgets became vulnerable to bot traffic thanks to the pandemic. Even though scalper bots, notorious for automating the purchase of inventory, have occupied the headlines in 2021, businesses have suffered from all types of bots. These include sniper bots that keep monitoring activity and take advantage at the very last moment, account checker bots that capitalize on user credentials to take control of accounts and scraper bots that extract content and data from websites.
Here are a few more significant findings reported by Netacea:
- Customer satisfaction has been affected due to the bot activities of scalper and sniper, as reported by 80% of the respondents.
- Just 5 % of the overall budget is routed to bot mitigation, even though larger organizations require as high as 20%.
- Malicious actors are more inclined to use checker bots to take advantage of data breaches and leaked passwords to compromise accounts.
Also Read: How Cyber-Resilience is at the Crux of Securing Businesses
The major challenge that most businesses are facing is to identify or discover these attacks. According to Netacea’s report, it takes over 14 weeks between a successful attack and its detection. This makes it hard for IT teams to limit the damage done to the reputation, bottomline and customer satisfaction of a company.
Netacea previously conducted research around the Genesis Market that shows how the bot industry is evolving. “Bot traffic are increasingly tempting to attackers, encouraging more to get involved and develop better bots. This, in turn, leads to more attacks and more profit, and so the loop continues,” says Matthew Gracey-McMinn. He further added, “To defend themselves, businesses must understand what these attacks are and how they work. The best place to start is with models, like the BLADE Framework, which describe the steps these attacks go through and the best way to stop them.”
For more such updates follow us on Google News ITsecuritywire News.