Specialized third-party solutions prove effective against malicious bots, ATO attacks, script risks

Specialized third-party solutions are proving notably effective in helping businesses tackle malicious bots, account takeover (ATO) attacks, and third-party script threats. That's according to a new survey of IT and security professionals by security vendor Akamai in collaboration with Foundry (CSO is a Foundry brand). The pair surveyed more than 300 global IT and security decision-makers about the solutions they use for preventing fraud and abuse, with those implementing dedicated third-party offerings seemingly benefitting from significant, quantifiable improvements in their ability to mitigate risks.

Bot-dedicated solutions deliver traffic management, security control benefits

Malicious bots pose significant security threats to organizations and are often used to scrape content from websites, launch credential-stuffing campaigns, or overwhelm applications and websites with distributed denial-of-service (DDoS) attacks. Bot operators are also constantly evolving their tactics and techniques to evade detection. According to a 2022 Forrester report, over a quarter of all internet traffic comes from "bad bots" that consume resources and overwhelm websites.

Three-quarters of the IT and security professionals Akamai surveyed experienced malicious bot attacks in the last 12 months. Almost nine out of 10 (89%) respondents said they use third-party or a combination of third-party and in-house solutions to combat malicious bots, countermeasures especially common in the US (96%) and Europe (93%), according to the report. Almost all (97%) reported an improvement in their efforts to combat bots, with 54% of those using third-party solutions stating that their cybersecurity capabilities have improved significantly. Of those who saw significant improvement, the ability to handle high heat events and surges in traffic (47%) and to balance security controls with performance optimization (41%) were among the top capabilities/gains most frequently cited.

Businesses with specialized ATO defenses cite detection, visibility, notification gains

ATO attacks are a threat to organizations across verticals, particularly for businesses that have large numbers of inactive and non-maintained accounts. Cybercriminals use a variety of techniques to commandeer legitimate accounts, with fraudsters adept at using information stolen from forgotten or otherwise non-upheld accounts. Identity sprawl can also trigger ATO risks, predominantly if employees reuse (or only slightly alter) passwords or do not perform security reviews. Successful ATO attacks can destroy customer trust and seriously damage a brand's reputation. They also consume already strained security resources.

More than three-quarters (79%) of respondents said their business had been targeted by ATO attacks in the last 12 months. Most said their companies had ATO-specific countermeasures in place, either using a third-party solution (83%) or a combination of in-house and third-party solutions (64%). Europe (95%) and the US (93%) are the two regions with the highest use of specialized solutions. Two-thirds of respondents said that their cybersecurity capabilities had significantly improved since deploying specialized ATO defenses, while 31% said they had somewhat improved.

The most frequently reported gains by those who saw significant improvement were the ability to detect fraudulent or suspicious activity (44%), visibility into indicators of account compromise (41%), and detection of fraudulent or suspicious logins (39%). Respondents also cited notable improvement in the time it takes to be notified of suspicious activity since implementing specialized ATO prevention solutions, which has been cut by up to 34%, according to the report.

Preventing data exfiltration among benefits of dedicated script protection

Businesses' use of third-party scripts has dramatically risen, enabling functionality, marketing tools, and enhancing user experience. However, they come with significant security risks, and while bots and ATO attacks impact servers, malicious scripts represent a client-side threat that can be difficult to monitor. Script attacks include web-skimming and formjacking to steal payment card data and personally identifiable information (PII). Criminal syndicates have organized themselves around this type of activity, most notoriously Magecart.

Akamai's report found that suspicious script behavior is common, with 81% of respondents stating that their organization had been targeted by suspicious script behavior within the last 12 months. Third-party specialized defenses are also prevalent, with 85% of those surveyed deploying such defenses either alone or in combination with in-house solutions to fight against suspicious script behaviors.

Almost all (98%) of those using third-party specialized script protection solutions said their cybersecurity capabilities have improved at least somewhat since deployment, with 58% seeing significant improvement. What's more, 71% noted a significant reduction in abusive script behaviors, with another 24% seeing moderate reduction. Of those that saw significant improvement, the most frequently reported gains were the ability to detect compromised first- and third-party scripts (38%), prioritization of events that require investigation (38%), meeting compliance requirements (38%), and preventing data exfiltration (34%).

"A CISO of a major US retailer once told me that an organization should double down on what they do best and outsource the rest to the security experts," Steve Winterfeld, Akamai's advisory CISO, tells CSO. "This study confirms the benefit of using third-party specialized defenses to not only mitigate the most sophisticated threats, but also optimize scarce internal resources to drive better business outcomes."