- “문화 우선 접근이 성공의 비결” 에이버리 데니슨의 AI 혁신 전략
- “여러 AI 모델을 로컬에서 테스트 가능”···구글, 오픈소스 앱 ‘AI 엣지 갤러리’ 공개
- Why I recommend this OnePlus phone over the S25 Ultra - especially at this new low price
- I replaced my laptop with Microsoft's 12-inch Surface Pro for weeks - here's my buying advice now
- This palm recognition smart lock doubles as a video doorbell (and has no monthly fees)
Bad Bots Focus Attacks on E-Commerce Targets
Nearly two-fifths (39%) of all internet traffic is comprised of “bad bot” activity, with e-commerce assets most at risk of attack, according to a new report from Barracuda Networks.
The security vendor’s Bot attacks: Top Threats and Trends report revealed that automated traffic accounts for the vast majority (64%) of all internet traffic today — including search engine crawlers and social media bots.
However, only a quarter (25%) of this can be labelled “good bot” activity. Much more is the result of automated scripts attempting account hijacking, web scraping and much more.
Most of the traffic analyzed in the report came from AWS and Azure public clouds, which it’s claimed make it easy for threat actors to set up accounts for their malicious bot activity.
North America accounted for 67% of bad bot traffic, followed by Europe and Asia. However, in Europe, malicious bots are more likely to come from hosting services or residential IPs, the report said.
Although automated, these attacks are designed to follow a normal workday so as to blend into other traffic.
Examples provided by Barracuda included a bad bot probing for security vulnerabilities by masquerading as a legitimate vulnerability scanner, and another brute forcing the login page of a medical service provider with stolen credentials.
Others included a web scraping bot attempting to steal information from a B2B e-commerce store, and another doing the same with pricing information (aka “price scraping”) on an Eastern European e-commerce site.
In fact, Barracuda warned that e-commerce apps and login portals are the most common target of advanced persistent bots — which are harder to detect as they closely imitate human behavior.
“When left unchecked, these bad bots can steal data, affect site performance, and even lead to a breach,” explained Barracuda’s VP of product management, application security, Nitzan Miron.
“That’s why it’s critically important to detect and effectively block bot traffic.”
An Imperva report from April this year claimed that bad bots might even be used by unscrupulous scalpers to buy-up in-demand COVID-19 PPE to profit from the pandemic.
