Vendor says new service will offer insights into bot security threats and remediation advice based on marketplace research and dark web chatter. Credit: Thinkstock Cybersecurity vendor Netacea has announced the launch of a new Business Logic Intelligence Service (BLIS) designed to give customers actionable insight to help them tackle malicious bot activity and security threats. The firm said that the tiered, fee-based service will provide organizations with bot threat intelligence based on research including analysis of dark web forums and marketplaces. Earlier this year, the 2022 Imperva Bad Bot Report revealed an uptick in malicious bot activity driving online fraud and cyberattacks with bots becoming more sophisticated and better equipped to evade detection.Businesses take 16 weeks to respond to bot attacksIn a press release, Netacea stated that BLIS has been developed following requests from customers for actionable intelligence to help them tackle malicious bot activity more efficiently, adding that its own research discovered that businesses take an average of 16 weeks to respond to bot attacks. What’s more, most businesses do not understand what tools are effective against bots or who is behind bot attacks, Netacea said, warning that the end of the year is likely to see online retailers targeted with an increase in gift card bot campaigns.Netacea Principal Security Researcher Cyril Noel-Tagoe tells CSO, “Bots are used by cybercriminals to commit fraud, take over accounts, or steal sensitive data from businesses at scale. Our research revealed that bot attacks cost businesses around 3.2% of their online revenue. The FBI and ICO [the UK Information Commissioner’s Office] have also recently released warnings about credential stuffing, one of the attacks perpetrated using bots, with the latter calling it a significant and growing cyberthreat to personal information,” he adds.Depending on the selected tier, BLIS will offer customers annual, quarterly, or monthly threat reports identifying key bot threats, threat actors and tactics, techniques and procedures, and recommendations to reduce their threat exposure, Noel-Tagoe says. The new service is available as a stand-alone offering or to augment Natecea’s Bot Management solution, the vendor stated. Malicious bots becoming more sophisticated, impacting all industriesThe 2022 Imperva Bad Bot Report, published in May, discovered notable shifts in malicious bot activity last year. For example, “bad bot” traffic accounted for a record-setting 27.7% of all global website traffic in 2021, while bot-enabled attacks such as account takeover, scraping and scalping became more prevalent. There was also significant evidence of malicious bots being weaponized in relation to the Russia-Ukraine conflict, with Imperva witnessing a 145% spike in automated attacks targeting Ukrainian web applications between February 24 and March 1.The sophistication of malicious bots increased last year too, Imperva found, with “advanced” bad bots accounting for 25.9% of all bad bot traffic in 2021 compared to 16.7% in 2020. This was linked to changes in bot evasiveness, with “evasive bad bots” accounting for most of the bad bot traffic (65.6%), Imperva’s report stated. According to the firm, this breed of bots can evade common defenses via techniques such as cycling through random IPs, entering through anonymous proxies, changing their identities, mimicking human behavior, and delaying requests. Bad bots impacted all industries in 2021, Imperva added, citing mobile browsers like Mobile Safari and Mobile Chrome as the most common disguise option employed by malicious bots. Related content news Top cybersecurity product news of the week New product and service announcements from Coro, Descope, Genetec, Varonis, Cloudbrink, Databarracks, and Security Journey By CSO staff Dec 07, 2023 22 mins Generative AI Generative AI Machine Learning news analysis Attackers breach US government agencies through ColdFusion flaw Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability. By Lucian Constantin Dec 06, 2023 5 mins Advanced Persistent Threats Cyberattacks Vulnerabilities news BSIMM 14 finds rapid growth in automated security technology Embrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing. By John P. Mello Jr. Dec 06, 2023 4 mins Application Security Network Security news Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey While organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending. By Gagandeep Kaur Dec 06, 2023 4 mins IT Jobs Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe