Bad bots
Tim Ayling, Vice President Cyber Security Solutions EMEA for Imperva, explains the rise of bad bots during peak season
Cybercriminals are opportunists, channelling their efforts towards the easiest targets and vulnerabilities, and ramping up attacks when there are more online users to target. Black Friday and the Christmas shopping season is one such profitable period – and not just for retailers.
According to Imperva, some days around Black Friday last year saw a 54% increase in malicious bot traffic, while Cyber Monday experienced a whopping 42% more traffic than on Black Friday. Needless to say, bad actors capitalise on those seeking the best deals during the festive shopping season, with cyberattacks intensifying. These cybercriminals deploy malicious bots and other tactics to exploit vulnerabilities on ecommerce sites, both attacking the websites themselves and targeting consumers to steal their sensitive data.
And the knock-on impact? While the personal accounts and web browsers of everyday consumers could be infiltrated, retailers are at risk of having their operations halted, their inventory depleted, and the resulting customer experience badly affected. So, what are the risks we’re up against, and how can retailers proactively mitigate cyberattacks this holiday shopping season?
The risks
Bad bot attacks
Alongside the flood of legitimate traffic from shoppers around Black Friday, the online retail industry is victim to an average of 101,950 bot-related incidents daily. These attacks focus on high-demand products, exploit new user discounts, compromise sensitive information, and engage in price and content scraping. Retail websites had 28% of automated traffic classified as malicious, but a whopping 58% of this was ‘advanced’, showing the scale of the threat.
Denial of service
Bad bots are also harnessed for Distributed Denial-of-Service (DDoS) attacks, flooding retailers’ networks and servers to overwhelm their capacity with the intention of taking them offline completely. DDoS attacks specifically on retail websites increased 61% since last year, according to the Imperva research.
Account Takeover
Alongside bad bots, Account Takeover attacks (ATOs) are a frequent way that online accounts are compromised by bad actors. ATOs are usually automated, with attackers using tactics such as credential stuffing, where bots repeatedly attempt to log into a user account using a list of common or breached passwords.
Once compromised, attackers can engage in various forms of fraud, from making unauthorised purchases to stealing sensitive data and exploiting stored payment methods like credit card details and gift card codes.
Evasive Bad Bots
Complexity is heightened with the growth of Evasive Bad Bots. Using complex tactics like cycling through random IPs, entering via anonymous proxies, delaying requests and mimicking human behaviour, these use a ‘low and slow’ approach to avoid detection and carry out significant attacks using fewer requests. Reducing the noise in this way makes it more difficult to detect them – and they’re popular for attacking retail websites. These kinds of bots make up 70% of all bad bot traffic on these sites, compared to 51% on other websites.
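To show why the ‘low and slow’ pattern described above slips past a per-IP failed-login threshold, here is an added detection example (not from the article or from Imperva) that runs two rules over constructed login events. The client_fingerprint log field and all thresholds are assumptions made for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample events, all inside one analysis window (about an hour):
# (epoch_seconds, source_ip, username, login_ok, client_fingerprint).
# client_fingerprint is a hypothetical log field, e.g. a hash of header order
# or TLS parameters, that stays stable while the source IP rotates.
def build_sample_events():
    events = []
    # Evasive pattern from the text: 40 paced attempts, each from a new IP
    # and against a different account, with one successful login.
    for i in range(40):
        events.append((i * 90, f"203.0.113.{i + 1}", f"victim{i}", i == 17, "fp-bot"))
    # Ordinary shoppers: stable IPs, own account, an occasional mistyped password.
    for i in range(30):
        events.append((i * 120, f"198.51.100.{i % 5 + 1}", f"shopper{i % 5}",
                       i % 6 != 0, f"fp-user{i % 5}"))
    return events

def per_ip_detector(events, max_failures=5):
    """Classic rate rule: flag any IP with more than max_failures failed logins."""
    failures = Counter(ip for _, ip, _, ok, _ in events if not ok)
    return {ip for ip, n in failures.items() if n > max_failures}

def fleet_detector(events, min_accounts=10, min_failure_ratio=0.8):
    """Group by fingerprint instead of IP; flag wide account spread with mostly failures."""
    groups = defaultdict(list)
    for ev in events:
        groups[ev[4]].append(ev)
    flagged = {}
    for fp, evs in groups.items():
        accounts = {user for _, _, user, _, _ in evs}
        ips = {ip for _, ip, _, _, _ in evs}
        fail_ratio = sum(1 for ev in evs if not ev[3]) / len(evs)
        if len(accounts) >= min_accounts and fail_ratio >= min_failure_ratio:
            flagged[fp] = {"accounts": len(accounts), "ips": len(ips),
                           "failure_ratio": round(fail_ratio, 3)}
    return flagged

if __name__ == "__main__":
    sample = build_sample_events()
    print("per-IP rule flagged:", per_ip_detector(sample))
    print("fingerprint rule flagged:", fleet_detector(sample))
```

The per-IP rule flags nothing because no address exceeds one failure, while grouping on the fingerprint surfaces the single client behind 40 accounts and 40 IPs.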
In sum, retailers need a comprehensive bot management strategy to safeguard their platforms and ensure smooth shopping experiences. This should include actions like:
In summary, retailers should take a layered defence strategy against automated and sophisticated threats. By integrating DDoS, client-side, and bot protection, alongside running a Web Application Firewall (WAF) on their systems, retailers can be assured that their applications and data are safeguarded at scale. In the process, they’ll be in a far better place to maintain business continuity, and offer a secure and stable website experience for customers at such an important time of the year.