Christmas is around the corner and the festivities have just begun. In a year that was rather dull and marred by the COVID-19 pandemic, this season brings a breath of fresh air. Market experts believe the festive season is lifting public sentiment and that people are spending again. With social distancing and stricter protocols in place, however, people are preferring online shopping more than ever, and that brings its own problems. Enterprise cybersecurity provider Barracuda has warned APAC users of a substantial threat from bad bots that can run DDoS and other automated attacks against the shops you buy from online.
The Bad Bot Attacks
As part of their research activity and continuous analysis, Barracuda’s researchers ran their proprietary Bot Protection solution on a test web application. In just a few days, it detected millions of attacks coming from multiple IP addresses. The researchers said, “Attacks like these are often used to make fraudulent purchases while helping cybercriminals to scan for any vulnerabilities they can exploit.”
Barracuda groups these malicious bots into “bad bot personas” by their User-Agent string. The trouble is that the same User-Agent strings are also used by “good bots” such as Googlebot, which crawls sites so they can be indexed and ranked in search results. Because bad bots routinely spoof the User-Agent of a good bot, the two cannot be told apart from the User-Agent alone; that takes deeper investigation, such as confirming that the source IP address really belongs to the crawler it claims to be.
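The “deeper investigation” above is, in practice, a DNS check: a genuine Googlebot request comes from an address whose PTR record is under googlebot.com or google.com and whose forward A record points back at that same address, so a bot that merely copies the User-Agent fails the check. The following is an added illustration, not code from the article or from Barracuda; the log lines and the DNS answers (`FAKE_PTR`, `FAKE_FORWARD`) are constructed so it runs offline, and the `socket_*` helpers show the live equivalent.

```python
import re
import socket

# Constructed sample access-log lines (Combined Log Format) for this example.
# First IP: meant to be a genuine crawler. Second: a bot spoofing Googlebot's
# User-Agent. Third: an ordinary browser making no bot claim at all.
SAMPLE_LOG = """\
66.249.66.1 - - [10/Dec/2020:09:15:02 +0000] "GET /products HTTP/1.1" 200 5123 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
203.0.113.45 - - [10/Dec/2020:09:15:03 +0000] "GET /cart HTTP/1.1" 200 812 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
198.51.100.7 - - [10/Dec/2020:09:15:04 +0000] "GET /checkout HTTP/1.1" 200 2210 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/83.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Domains under which Google's crawler hosts resolve, per Google's own
# verification guidance; anything else claiming to be Googlebot is suspect.
GOOGLEBOT_DOMAINS = ("googlebot.com", "google.com")

# Hypothetical DNS answers so the example runs offline. The spoofing host has
# set its own PTR record to a Googlebot-looking name, but that name does not
# resolve back to it, which is exactly what the forward check catches.
FAKE_PTR = {
    "66.249.66.1": "crawl-66-249-66-1.googlebot.com",
    "203.0.113.45": "crawl-66-249-66-1.googlebot.com",
}
FAKE_FORWARD = {"crawl-66-249-66-1.googlebot.com": ["66.249.66.1"]}


def fake_ptr(ip):
    return FAKE_PTR.get(ip)


def fake_forward(host):
    return FAKE_FORWARD.get(host, [])


def socket_ptr(ip):
    """Live reverse lookup; returns None if there is no PTR record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None


def socket_forward(host):
    """Live forward lookup; returns the A records for host ([] on failure)."""
    try:
        return socket.gethostbyname_ex(host)[2]
    except (socket.herror, socket.gaierror):
        return []


def verify_googlebot(ip, ptr_lookup=socket_ptr, forward_lookup=socket_forward):
    """True only if ip -> PTR name under a Googlebot domain -> A record == ip."""
    host = ptr_lookup(ip)
    if not host:
        return False
    host = host.rstrip(".").lower()
    if not any(host == d or host.endswith("." + d) for d in GOOGLEBOT_DOMAINS):
        return False
    # Forward-confirm: the PTR name must resolve back to the requesting IP.
    return ip in forward_lookup(host)


def classify_log(text, ptr_lookup=socket_ptr, forward_lookup=socket_forward):
    """Return [(ip, verdict)] per log line, where verdict is one of
    'verified-googlebot', 'spoofed-googlebot' or 'no-bot-claim'."""
    out = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in Combined Log Format
        ip, ua = m.group("ip"), m.group("ua")
        if "Googlebot" not in ua:
            out.append((ip, "no-bot-claim"))
        elif verify_googlebot(ip, ptr_lookup, forward_lookup):
            out.append((ip, "verified-googlebot"))
        else:
            out.append((ip, "spoofed-googlebot"))
    return out


if __name__ == "__main__":
    for ip, verdict in classify_log(SAMPLE_LOG, fake_ptr, fake_forward):
        print(ip, verdict)
```

The reverse lookup alone is not enough: anyone who controls the reverse zone for their own address range can set a PTR record to `crawl-….googlebot.com`, which is why the second line is only caught by the forward confirmation.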
Another trait Barracuda’s researchers observed was that these cybercriminals keep “a regular working day.” Bot attacks usually peak around midnight to avoid attention; in this case, activity peaked late in the morning and did not subside until 5 p.m.
It’s clear that cybercriminals are powering up for the Christmas rush, so with holiday shopping season now in full swing across the region, it’s crucial that e-commerce teams take the appropriate steps to safeguard their applications against bad bots.
– Mark Lukie, Engineer Manager, Barracuda, APAC
The To-Do for Avoiding Bot Attacks
The researchers suggest that, to protect against such attacks, e-commerce teams should deploy properly configured web application firewalls or WAF-as-a-Service solutions. The application security stack must also include anti-bot protection capable of detecting advanced automated attacks, and, to prevent account takeover, credential stuffing protection.
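Credential stuffing protection, at its simplest, is about noticing the pattern the attack leaves in the login log: one source trying many different accounts in a short window, failing almost every time. Below is an added example of that detection logic, not code from the article or from any Barracuda product; the login events are constructed, and the window and threshold values are assumptions to be tuned per site.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed login events for the example: (UTC timestamp, source IP,
# username, success). One source tries 25 different accounts in 50 seconds
# and gets one lucky hit; a legitimate user mistypes her password three
# times and then succeeds.
_base = datetime(2020, 12, 10, 10, 0, 0)
SAMPLE_EVENTS = []
for i in range(25):
    SAMPLE_EVENTS.append(
        (_base + timedelta(seconds=2 * i), "203.0.113.9", f"user{i:02d}@example.com", i == 17)
    )
for i, ok in enumerate([False, False, False, True]):
    SAMPLE_EVENTS.append(
        (_base + timedelta(seconds=30 * i), "198.51.100.20", "alice@example.com", ok)
    )
SAMPLE_EVENTS.sort(key=lambda e: e[0])


def detect_credential_stuffing(events, window=timedelta(minutes=5), min_distinct_users=10):
    """Return {ip: distinct_accounts} for every source IP whose failed
    logins inside any `window` touch at least `min_distinct_users`
    different accounts. Events must be in timestamp order.

    Counting distinct accounts rather than raw failures is what separates
    stuffing (many accounts, one password each) from a real user fumbling
    one account's password a few times."""
    recent = defaultdict(deque)  # ip -> deque of (ts, username) for failures
    alerts = {}
    for ts, ip, user, ok in events:
        if ok:
            continue  # successes are ignored; the tell is the failure spread
        q = recent[ip]
        q.append((ts, user))
        while q and ts - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        distinct = {u for _, u in q}
        if len(distinct) >= min_distinct_users:
            alerts[ip] = max(alerts.get(ip, 0), len(distinct))
    return alerts


if __name__ == "__main__":
    for ip, n in detect_credential_stuffing(SAMPLE_EVENTS).items():
        print(f"{ip}: failed logins against {n} distinct accounts within 5 minutes")
```

In a real deployment the alert would feed a rate limit or a step-up challenge on that source rather than a print statement, and the per-IP keying would need to be widened to cover attackers rotating through proxy pools, which this single-IP example does not attempt.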
CISO MAG, in partnership with Rapid7, is hosting a virtual roundtable on Effective Security Incident Handling on December 15, 2020.
For more information visit: https://cisomag.eccouncil.org/cyber-security-webinars/ Register now!