Businesses Pay A High Price For Automated Bots

The bot detection and mitigation specialist firm Netacea  has announced results from a new survey that reveals the high price that businesses pay because of bot traffic operated by malicious actors.
 
The report surveyed 440 businesses across the travel, entertainment, eCommerce, financial services and telecoms sectors in the United States and the UK and the results show that automated bots currently cost businesses an average of 3.6% of their annual revenue.  For the 25% worst affected businesses, this equates to at least a quarter of a billion dollars ($250 million) every year and that, on average, 14 weeks pass between a successful attack taking place and its detection.  
 
Netacea found that every sector had a substantial bot problem, with two-thirds of businesses detecting website attacks.
 
  • 46% of respondents reported mobile apps had been attacked.
  • 23%, mostly in the financial services, said bots had attacked their Application Programming Interface (API -  a type of software connecting to other pieces of software).
  • Businesses have been affected by all types of bots, including scalper bots which use stolen usernames and passwords to take over accounts, sniper bots that monitor activity and swoop in at the last moment, and scraper bots that extract content and data from websites.

The Netacea research also discovered:

  • Over 80% of businesses reported that customer satisfaction had been negatively affected by bot activity, in particular scalper and sniper bots.
  • Only around 5% of security budgets are dedicated to bot mitigation, although larger firms spend more. with up to 20%.being spent on dealing with bots.
  • Account checker bots are the most popular form of bot attacks, taking advantage of data breaches and leaked passwords to compromise customer accounts.
​“Last year...  was a bumper year for those who use bots to leech off of those businesses, especially from bad actors who looked to take advantage of a significant shift to online working and retail,” said Andy Still, CTO of Netacea“While there is a greater awareness of the threat than in previous years.... Businesses need to realise that bots are not a mere nuisance, but a genuine security threat, especially when a business is already struggling because of other factors.”
 
Netacea’s previous research on Dark Web markets for stolen credentials, shows how sophisticated the cyber crime industry is becoming. Those operating bots do so at a professional level, with consultants, help desks and highly specialised infrastructure providers accessible through covert forums, making bots widely available.
 
Netacea:   
 
You Might Also Read:
 
Banking Botnet Profit Share:
 
 
 
 
« Business Leaders Can Make Big Mistakes About Cyber Security
British Military Aim To Reduce Their Attack Surface »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Hitachi Systems Security

Hitachi Systems Security

Hitachi Systems Security provides customized services for monitoring and protecting the most critical and sensitive IT assets in our clients’ infrastructures 24/7.

e2e-assure

e2e-assure

e2e Protective Monitoring and Security Operations Centre (SOC) Service is a complete cyber defence service to protect your critical assets from cyber attacks and GDPR breaches.

Raz-Lee Security

Raz-Lee Security

Raz-Lee Security is the leading security solution provider for IBM Power i, otherwise known as iSeries or AS/400 servers.

Think Cyber Security (ThinkCyber)

Think Cyber Security (ThinkCyber)

ThinkCyber is a Tel Aviv-based Israeli company with a team of cybersecurity professionals who are experts in both information and operations technology.

TechArch

TechArch

TechArch helps customers to optimize their investments in cybersecurity by providing them independent and vendor-neutral consultation and guidance.

Archivo

Archivo

Archivo is a value added reseller focused on Disaster Recovery as a Service (DRaaS), backup, hyper-convergence, hybrid storage and Cyber security.

Intercast Global

Intercast Global

Intercast's mission is to be a strategic resource to our clients in Risk Reduction. We are a global leader in cyber security staffing and consulting to the enterprise.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Cyber Coaching

Cyber Coaching

Cyber Coaching is a community for enhancing technical cyber skills, through unofficial certification training, cyber mentorship, and personalised occupational transition programs.

BastionZero

BastionZero

BastionZero is leveraging cryptography to reimagine the tools used to manage remote access to servers, containers, clusters, applications and databases across cloud and on-prem environments.

UNS Inc.

UNS Inc.

UNS is a top services partner for multiple leaders in the global cybersecurity industry – we do business in 40 countries, including the United States, Canada, Chile, and Colombia.

Abacus Group

Abacus Group

Abacus Group is a global IT services firm for alternative investment firms, providing an enterprise technology platform specifically designed to meet the unique needs of financial services.

Ontinue

Ontinue

Ontinue ION is an MXDR service that provides Nonstop SecOps through five key capabilities that enable your organization to respond to attacks and continuously reduce risk.

CYGNVS

CYGNVS

CYGNVS is a guided cyber crisis response platform providing anytime, anyplace access. A SaaS platform for cyber crisis management – a safe way to connect and control your response.

BitLyft

BitLyft

BitLyft is a managed detection and response provider that is dedicated to delivering unparalleled protection from cyber attacks for organizations of all sizes.

Rescana

Rescana

Rescana offers a cyber risk management platform with the vision to remove the security team bottlenecks, accelerating business processes that require risk assessment.