web analytics

DARKReading – Pandemic Pushes Bot Operators to Redirect Efforts

Rate this post

As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites.

Shifts in consumer activity due to the coronavirus pandemic altered the activity of automated software programs, also known as bots, in 2020, according to a new Imperva report.

Heathcare and gambling sites saw notable increases in bots — both those labeled “good” and “bad” by the web application security firm. Bots accounted for 35% of traffic to healthcare sites, up from 21% in 2019, and 34% of traffic to gambling sites, up from 19% in 2019. While bot traffic to healthcare sites climbed throughout the year — almost quadrupling by the end of 2020 — both e-commerce and government sites saw a significant increase only in the last quarter.

Related Content:Bad Bots Build Presence Across the WebSpecial Report: How Data Breaches Affect the EnterpriseNew From The Edge: The CISO Life Is Half as Good

The surge in bots to e-commerce sites coincided with the release of next-generation gaming consoles, while the influx of traffic to government sites may be related to the US elections, says Edward Roberts, director of strategy at Imperva.

“The model here is that bots will go wherever they can make money,” he says. “And we expect them to jump to other industries, if there is high demand — and if it is something vital or life-threatening, then [how we respond] becomes even more important.”

The report focuses on bad bots, which the company sees as a threat to its customers. 

Some of the automated activity would likely be considered malicious by most observers. Hustlers who use automation to hoard in-demand items and gouge consumers, and cybercriminals who use bots to attempt credential-based attacks, such as credential stuffing or password spraying, are both bad bots that most would also consider malicious.

Imperva calls such bots “the pandemic of the Internet.”

“Bad bots interact with applications in the same way a legitimate user would, making them harder to detect and block,” Imperva states in the report. “They enable high-speed abuse, misuse, and attacks on your websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to perform a wide array of malicious activities.”

The report found that the actual pandemic affected bot operators in different ways. Changes wrought by stay-at-home orders offered new opportunities for those who wanted to use automation to collect data, while closing off other opportunities. Ticket scalpers, who usually descend on popular concerts to buy tickets, found themselves suffering diminished profits, for example.

“[T]he pandemic resulted in a reduction of traditional scalpers’ sources of income,” the report stated. “Concerts and sporting events were canceled or took place without live audiences.”

Yet, at the same time, a variety of goods — from masks to gaming consoles — became the target of scalpers and hoarders. And with supply chain disruptions causing shortages, scalpers also found additional opportunities to hoard desired goods and bilk consumers.

The divide between good bots and bad bots is pretty fluid because much of the Internet relies on bots. Search firms crawl websites to create indexes and deliver results for specific queries. Other companies rely on scraping data from sites to offer consumer services. While businesses may want to block the leak of such information, most other Internet users would not consider these activities to be bad. In fact, a US appeals court upheld the legality of data analytics firm HiQ Labs scraping data from LinkedIn in a 2019 ruling.

However, from a business perspective, any activity that is not human is often considered bad. Anti-bot service provider Kasada clarified that “if you’re serving up traffic to bots, you’re spending money on infrastructure, systems, tools, and personnel that you shouldn’t have to.”

Sponsored ContentHow to Combat the New ‘Insider Threat’: Compromised Partners

It’s difficult to stop supply chain attacks if partner accounts are compromised. What can you do when these attacks are indistinguishable from insider threats?Brought to you by Area 1 Security

However, Imperva’s report warned — without evidence — that increased activity to healthcare sites could presage the hoarding of vaccine appointments. Noting the existence of sites such as TurboVax, which uses automated scanning to help people find open vaccine appointments, the company raised the question of whether scammers could use bots to reserve, and then resell, time slots for vaccine appointments. 

“These helpful bots were created with good intentions, but it’s not far-fetched to imagine others creating similar tools in order to sell the appointment to the highest bidder for the opportunity to jump the queue,” the report states.

Asked about the statements, Roberts clarified that the company had actually dismissed the theory.

“People aren’t hoarding vaccine appointments — we put that [question] to ourselves and that doesn’t seem that they could resell those slots,” he says. “I think it is more people creating these helpful bots to try and help people and help society get over this once in a lifetime pandemic.”

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post