Fears around bot traffic and bot-powered DDoS attacks persist

Thanks to the proliferation of the Internet of Things, the ability for bots to cause havoc at a global level has increased significantly.

IoT devices are susceptible to becoming part of a malicious botnet, and it’s possible for hackers to weaponise IoT devices to launch powerful DDoS attacks. As more devices are connected to the Internet, these types of attack pose an increased risk to not only the defences of an enterprise but also to a whole nation.

As such, 75% of organisations surveyed by the Neustar International Security Council (NISC) are concerned about bot traffic posing a threat to data security.

Besting the bad bots: how advanced persistent bots are attacking sites, and what to do about them

Nearly half of all Web traffic (46%) now originates from bots, with 18% from ‘bad’ bots

Security professionals perceived DDoS attacks to be the highest threat to their enterprise, 52% admitting to being on the receiving end of an attack. This was followed by system compromise, ransomware and financial theft.

“Fears around bot traffic and bot-powered DDoS attacks are extremely valid but by no means new,” said Rodney Joffe, Head of the NISC and Neustar Senior Vice President and Fellow. “Unfortunately, bot traffic makes up a large proportion of the Internet.”

Alarmingly, these fears persist even though the same number of enterprises already have bot traffic management solutions in place – implying a continuing gap between attack sophistication and organisational readiness.

Who’s afraid of the big, bad bot?

If organisations get it right, AI-powered bots will help create transformational digital customer experiences

“It is key that organisations make sure incoming data is scrubbed in real-time, while also identifying patterns of good and bad traffic to help with filtering. While it is encouraging to see that more organisations are implementing bot traffic management solutions, it is imperative that businesses employ a holistic protection strategy across every layer for the best level of protection. Implementing a Web Application Firewall (WAF) is crucial for preventing bot-based volumetric attacks, as well as threats that target the application layer.”

For the study, the NISC interviewed 200 senior position holders such as CTOs. IT directors and security consultants across the EMEA region.

Avatar photo

Andrew Ross

As a reporter with Information Age, Andrew Ross writes articles for technology leaders; helping them manage business critical issues both for today and in the future

Related Topics