Mitigating bot attacks is a major concern for security leaders, according to new research published yesterday by cybersecurity company Human (formerly White Ops).
In the first quarter of 2021, ESG asked 425 cybersecurity and IT decision makers with application security knowledge and responsibilities for their organizations about their perceptions of and responses to bot attacks.
Leaders expressed concerns that bots could cause site slowdowns by overwhelming traffic, new account fraud, credential cracking/brute force attacks, account takeover, content manipulation, sensitive content scraping, and inventory exhaustion and cart abandonment.
Among the report’s key findings are that nearly half of respondents believed their organization would be susceptible to a sophisticated bot attack.
Most of those surveyed (90%) said that they viewed bot management as a top-five cybersecurity priority. This finding aligns with security leaders’ view of how sophisticated bots are, as 86% of respondents said they believed most bots are capable of circumventing simple bot mitigation features.
“This research demonstrates how crucial a robust bot mitigation platform is to a strong cybersecurity posture,” said Tamer Hassan, co-founder and CEO of HUMAN.
“Sophisticated bots can have immense detrimental effects to customer experience, and the time it takes to rebuild trust with customers is time that today’s organizations don’t have.”
The impact of bot attacks upon those surveyed was significant, with 37% of respondents confirming that they had been victimized by sophisticated bots in the past twelve months. Another 30% believed they had suffered a bot attack but were unable to confirm it.
Senior analyst at ESG, John Grady, said bot attacks were on the rise.
“As organizations have shifted to more online-focused business operations, a trend further accelerated by the pandemic, attackers have doubled down on their efforts and increased the frequency of bot-driven fraud and logic abuse,” said Grady.
“This new research explores how application security leaders perceive the threat of bot attacks and what their plans are for combatting them.”