When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
For many, the mention ofbotsconjures up images of friendlywebsiteautomations desperate to provide answers.
Subservient avatars programmed to make life easier.
However, for those in a specialist corner ofcybersecurity, How can I help you?
is one small code change away from How can I harm you?
In the hands of unscrupulous individuals, bots are increasingly being used for malicious gain.
Any brand transacting withcustomersusing websites, APIs andmobile applications.
These vast revenue flows are only made possible because online businesses automate customer interactions at massive scale.
Unfortunately, threat actors have also noticed the value coursing through these interfaces.
Using malicious automation, threat actors compromise this exposed web attack surface.
Scalping- Attackers unleash bots to swarm digital shelves.
Credential stuffing- This technique exploits the web attack surface with maliciousautomationto launch volumetricidentityattacks for fraud.
With malicious automations harvesting IP for 4 months on average before detection, value is endlessly leached away.
The impact from malicious automation is cumulative.
Very real human impact
The impact on people is similarly cumulative.
The normalization of bots is also forcing some into questionable behaviors themselves.
A sophisticated fix for a sophisticated attack
The legalities of bots are confusing.
Some, for example those which abuse stolen identities, are clearly illegal.
Broadly, official policy is still playing catchup.
For the brands under attack, mitigating the threat of malicious automation means overcoming a number of technical issues.
Addressing the problem effectively requires regulation with teeth and technological innovation.
However, what would compel action is greater awareness of the sheer magnitude of the problem.
Bots are increasing exponentially in scale, speed and effectiveness - the question is, will we respond accordingly?
We’ve featured the best business VPN.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.
If you are interested in contributing find out more here:https://www.techradar.com/news/submit-your-story-to-techradar-pro
