Enterprise Management Associates released a new research report titled “The Imitation Game: Detecting and Thwarting Automated Bot Attacks” based on criteria defined by Paula Musich, research director of security and risk management at EMA.
Over 20% of all website requests are made by bad bots conducting a range of nefarious activities, including the more ubiquitous application distributed denial of service (DDoS) attacks, as well as price scraping, web fraud, account hijacking, and more. In late 2019, EMA surveyed 209 respondents representing organizations primarily serving North America to learn how defenders are responding to this increasingly virulent attack vector. The research sought respondents primarily in IT and IT security roles representing organizations with at least 500 employees.
52% of respondents indicated that their organization’s public-facing applications had experienced DDoS attacks in the last year, followed by 38% of respondents reporting fake account creation and vulnerability scanning/reconnaissance attacks over that same time period. Depending on the type and size of the organization, the frequency of these attacks ranged anywhere from less than one per day to over 500 times per day.
Defenders are responding by turning to a range of different bot detection and mitigation providers, including dedicated bot mitigation vendors, web application firewall providers, content delivery networking services, and others. Such providers are raising the stakes by adding a wider range of telemetry to their solutions and adding new detections that employ machine learning techniques, behavioral analysis, and more on top of existing signatures, challenges, and IP reputation detections.
“Automated bot attacks can cost victim organizations from thousands to millions of dollars annually in lost business, product theft, increased infrastructure costs, and more,” says Musich. In the cat and mouse game between attackers and defenders, though, defenders appear to be gaining the upper hand through the use of more sophisticated detection and prevention tools.”
As organizations build out and manage their defenses against automated bot attacks, they are seeing success in detecting and mitigating the most frequently used attack techniques. This is especially true for application-level DDoS attacks, which the largest percentage of respondents indicated were detected and mitigated in less than one day.
Ultimately, bot defense solutions are enabling users of the technology to limit the amount of damage automated bot attack campaigns are exacting. Respondents in the survey indicated that their use of bot defense technology enabled savings in both fraud resolution and web infrastructure costs.