Vendor says new service will offer insights into bot security threats and remediation advice based on marketplace research and dark web chatter. Credit: Thinkstock Cybersecurity vendor Netacea has announced the launch of a new Business Logic Intelligence Service (BLIS) designed to give customers actionable insight to help them tackle malicious bot activity and security threats. The firm said that the tiered, fee-based service will provide organizations with bot threat intelligence based on research including analysis of dark web forums and marketplaces. Earlier this year, the 2022 Imperva Bad Bot Report revealed an uptick in malicious bot activity driving online fraud and cyberattacks with bots becoming more sophisticated and better equipped to evade detection.Businesses take 16 weeks to respond to bot attacksIn a press release, Netacea stated that BLIS has been developed following requests from customers for actionable intelligence to help them tackle malicious bot activity more efficiently, adding that its own research discovered that businesses take an average of 16 weeks to respond to bot attacks. What’s more, most businesses do not understand what tools are effective against bots or who is behind bot attacks, Netacea said, warning that the end of the year is likely to see online retailers targeted with an increase in gift card bot campaigns.Netacea Principal Security Researcher Cyril Noel-Tagoe tells CSO, “Bots are used by cybercriminals to commit fraud, take over accounts, or steal sensitive data from businesses at scale. Our research revealed that bot attacks cost businesses around 3.2% of their online revenue. The FBI and ICO [the UK Information Commissioner’s Office] have also recently released warnings about credential stuffing, one of the attacks perpetrated using bots, with the latter calling it a significant and growing cyberthreat to personal information,” he adds.Depending on the selected tier, BLIS will offer customers annual, quarterly, or monthly threat reports identifying key bot threats, threat actors and tactics, techniques and procedures, and recommendations to reduce their threat exposure, Noel-Tagoe says. The new service is available as a stand-alone offering or to augment Natecea’s Bot Management solution, the vendor stated. Malicious bots becoming more sophisticated, impacting all industriesThe 2022 Imperva Bad Bot Report, published in May, discovered notable shifts in malicious bot activity last year. For example, “bad bot” traffic accounted for a record-setting 27.7% of all global website traffic in 2021, while bot-enabled attacks such as account takeover, scraping and scalping became more prevalent. There was also significant evidence of malicious bots being weaponized in relation to the Russia-Ukraine conflict, with Imperva witnessing a 145% spike in automated attacks targeting Ukrainian web applications between February 24 and March 1.The sophistication of malicious bots increased last year too, Imperva found, with “advanced” bad bots accounting for 25.9% of all bad bot traffic in 2021 compared to 16.7% in 2020. This was linked to changes in bot evasiveness, with “evasive bad bots” accounting for most of the bad bot traffic (65.6%), Imperva’s report stated. According to the firm, this breed of bots can evade common defenses via techniques such as cycling through random IPs, entering through anonymous proxies, changing their identities, mimicking human behavior, and delaying requests. Bad bots impacted all industries in 2021, Imperva added, citing mobile browsers like Mobile Safari and Mobile Chrome as the most common disguise option employed by malicious bots. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe