The rise and rise of Bad BOTs !

Sometimes we can all be forgiven for thinking that there’s someone sitting behind a computer actively doing something nasty ! Hmm, technically that is true but I’m talking about large scale. Maybe the single person scenario was plausible during the early days of the internet – I can remember quite well my own use of the dial up modems, green screens and basic “get” commands on a university’s terminal.

The movie “War Games” about  a young hacker breaking into a US military network only to play a game with an intelligent computer that controlled the nation’s nuclear arsenal produced that eternal catchphrase “do you want to play a game ?”. Of course wasn’t that how Wikileaks founder Julian Assange got his start – by cracking the NASA network ?? But alas, it didn’t take long for automation to creep into even this activity, so now little bitty automation logic is doing the hard, repetitive work every minute of every hour of every day of the year.

The internet is flooded with automation that include search engines, virtual assistants and that recent phenomenon of chat bots. Included now is the malicious BOT that performs in minutes what a hacker would take days to complete, but on so much larger scale, thousands and thousands of websites scanned.

If estimates of ALL the BOT traffic on the internet is about 20%, than that makes for alot of the non-human traffic.

And yet we all know they exist – hence the robots.txt file that we add to our websites !!

On that basis alone it’s important to pay attention at what is knocking on the door. WAFs are no match for Advanced Persistent BOTs. A WAF typically filters out known violator user agents and IP addresses, however bad BOTs rotate through IPs, and cycle through user agents to evade these WAF filters. Sophisticated BOTs can even mimic human behaviour. Broadly, a bad BOT management platform must perform the following key preventative measures:

  • Web Application Security – Stop an entire class of cybersecurity threats, including account takeovers, web scraping, unauthorized vulnerability scans, and application denial of service.
  • Prevent API Abuse – Hackers, and fraudsters reverse engineer apps that connect to API endpoints. Once inside the API, they use BOTs to scrape data, takeover accounts, commit fraud, and deny API service to other apps and users. OWASP has now added “Under protected APIs” to the OWASP Top Ten.
  • Online Fraud and Account Hijacking – Using brute force attack or stolen login credentials, Bad BOTs can gain access to your user accounts and make fraudulent purchases or harvest personal information. Eliminate new account fraud. Minimize payment fraud.

Recently, Forester produced a new report – The Forrester New Wave™: Bot Management. If you are a bank or other financial institution, provide online shopping or other eCommerce platform or even a SaaS provider for HR, accounting, supply chain etc – you need to read this report. Reprints are available via Distil Networks – ranked as a leader in Bot Management by Forrester.

By Con Lokos