Three Out of Four Attacks: Sophisticated Bots and What Enterprise Security is Missing

Executive summary

Over the past several years, bots have dramatically transformed the way we engage
with the Internet, handling a dizzying array of online activities, including indexing large amounts of data and providing customer service functions. And while there are numerous positive outcomes of automation, bots can also have a negative side, wreaking havoc for businesses as well as their customers.

Previous research conducted in 2021 uncovered that cyber attackers using bots have increased the intensity of their efforts and are focusing on websites with a large number of visitors where there are marketing programs and incentives in place to drive traffic. Data from that survey showed that potentially vulnerable organizations often lacked the tools that provide the visibility needed to defend against bot attacks and scope out the impact of breaches. Most importantly, our findings suggested an educational and awareness gap across organizations regarding the capabilities of sophisticated bots.

Data from a new survey from Dark Reading and HUMAN Security which follows up on that earlier survey indicates that a significant majority of medium to large organizations recognize the value of bot management and understand the damage malicious bots can cause. Survey participants reported experiencing a variety of bot attacks (or suspected attacks) against their digital operations, including account takeovers and network disruptions. The most common incidents targeted site performance and customer accounts. However, our findings show that despite growing awareness about the sophistication of bot attacks, the vast majority of organizations are still not using the optimal tools for defense.