Netacea launches malicious bot intelligence service to help customers tackle threats

Cybersecurity vendor Netacea has announced the launch of a new Business Logic Intelligence Service (BLIS) designed to give customers actionable insight to help them tackle malicious bot activity and security threats. The firm said that the tiered, fee-based service will provide organizations with bot threat intelligence based on research including analysis of dark web forums and marketplaces. Earlier this year, the 2022 Imperva Bad Bot Report revealed an uptick in malicious bot activity driving online fraud and cyberattacks with bots becoming more sophisticated and better equipped to evade detection.

Businesses take 16 weeks to respond to bot attacks

In a press release, Netacea stated that BLIS has been developed following requests from customers for actionable intelligence to help them tackle malicious bot activity more efficiently, adding that its own research discovered that businesses take an average of 16 weeks to respond to bot attacks. What’s more, most businesses do not understand what tools are effective against bots or who is behind bot attacks, Netacea said, warning that the end of the year is likely to see online retailers targeted with an increase in gift card bot campaigns.

Netacea Principal Security Researcher Cyril Noel-Tagoe tells CSO, “Bots are used by cybercriminals to commit fraud, take over accounts, or steal sensitive data from businesses at scale. Our research revealed that bot attacks cost businesses around 3.2% of their online revenue. The FBI and ICO [the UK Information Commissioner’s Office] have also recently released warnings about credential stuffing, one of the attacks perpetrated using bots, with the latter calling it a significant and growing cyberthreat to personal information,” he adds.

Depending on the selected tier, BLIS will offer customers annual, quarterly, or monthly threat reports identifying key bot threats, threat actors and tactics, techniques and procedures, and recommendations to reduce their threat exposure, Noel-Tagoe says. The new service is available as a stand-alone offering or to augment Natecea’s Bot Management solution, the vendor stated.

Malicious bots becoming more sophisticated, impacting all industries

The 2022 Imperva Bad Bot Report, published in May, discovered notable shifts in malicious bot activity last year. For example, “bad bot” traffic accounted for a record-setting 27.7% of all global website traffic in 2021, while bot-enabled attacks such as account takeover, scraping and scalping became more prevalent. There was also significant evidence of malicious bots being weaponized in relation to the Russia-Ukraine conflict, with Imperva witnessing a 145% spike in automated attacks targeting Ukrainian web applications between February 24 and March 1.

The sophistication of malicious bots increased last year too, Imperva found, with “advanced” bad bots accounting for 25.9% of all bad bot traffic in 2021 compared to 16.7% in 2020. This was linked to changes in bot evasiveness, with “evasive bad bots” accounting for most of the bad bot traffic (65.6%), Imperva’s report stated. According to the firm, this breed of bots can evade common defenses via techniques such as cycling through random IPs, entering through anonymous proxies, changing their identities, mimicking human behavior, and delaying requests. Bad bots impacted all industries in 2021, Imperva added, citing mobile browsers like Mobile Safari and Mobile Chrome as the most common disguise option employed by malicious bots.