Don’t let Grinch bots put smut in your stocking

Check Out All The Smart Security Summit On-Demand Sessions Here.


From a cybersecurity perspective, the end of 2021 saw two newsworthy events: Log4j’s Zero Day exploit and the widespread use of Grinch bots. While the former has hopefully been resolved, although still resented by security teams, the latter has no easy fix. To make matters more difficult, we expect to see an increase in bots impacting both the online shopping experience and retail organizations heading into 2023. Ultimately, it will take a industry-wide effort to combat these bots and bring joy back to virtual shopping. .

Much like its namesake, a Grinch bot is actively working to steal gifts from under the noses of holiday shoppers. Grinch bots are designed to quickly buy products online as they become available. These bots are often created to buy a product on sale and then resell it for a profit. The advantage of using a bot to make these purchases is that it can move faster than human shoppers, picking up entire stocks of a product in seconds.

However, these Grinch bots and other bot attacks don’t just harm consumers. Think about it: if a bot is programmed to select a store’s product inventory and choose the in-store pickup option, and it never picks up or pays for the product, the inventory of the store will be frozen. And when a bot makes fraudulent purchases, brands will still have to pay transaction fees by credit card, which could lead to a brand being removed from point-of-sale platforms. Transaction fees and frozen inventory can be both crippling to brands and their ability to do business.

Bots aren’t going away anytime soon

Ultimately, bots hurt the customer experience and damage a brand’s reputation. In fact, a recent survey found that for 97% of organizations, bot attacks had an impact on customer satisfaction. In one particularly egregious example, a popular shoe brand discovered that 97% of traffic for an online sale was bots. Needless to say, this probably left the majority of human customers with a negative shopping experience. Consumers now expect a level playing field and a level playing field when it comes to online shopping. As supply chains are still strained, restocking inventory that has fallen victim to bot attacks can become costly and time-consuming.

Event

On-Demand Smart Security Summit

Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies. Watch the on-demand sessions today.

look here

It has become such a big issue that the US Congress has even stepped in and proposed a “Grinch Bot Stopping Act” to try to clamp down on these bots. Although the law has not yet been passed, brands can still take steps to thwart bots, improve customer experience, and protect inventory from cybercriminals. Bot traffic grew 106% year-over-year in 2021. It’s high time for the retail industry to act.

App developers need to consider bots during the development process. Merchants should be aware of the threat posed by bots and protect their brand and customers. Security practitioners must limit access to their sites to actual customers.

Defense against bot attacks is a matter of context

In particular, cybercriminals use bots to attack organizations by targeting the APIs that power many online transactions. In a recent survey, 60% of brands reported that bots were targeting their APIs in early 2022. This is an increase from 46% in 2021. Often, threat actors will use bots as part of their efforts reconnaissance to identify vulnerabilities, especially with APIs. .

API weak points typically expose more business logic and, therefore, more data, including personally identifiable information (PII). Attackers use bots in this phase because it allows them to quickly explore, gather information, and test things while being less likely to be detected.

As attackers figure out how to bypass security checks, it can be difficult to defend against bot attacks. For example, for organizations that only do business in certain regions, geo-blocking has been a standard security control – you simply block all IP addresses from somewhere you don’t do business. However, today attackers use botnets consisting of thousands of IP addresses. This can bypass geo-blocking. When they realize that certain countries, continents, or regions are being blocked (i.e. user agents, payloads, or geographic IP addresses), they simply modify their attack traffic.

Modern solutions for modern robots

Attempting to block bots can end up like a game of “whack-a-mole”. The result is to prevent actual human customers from accessing the site, making purchases, or having a positive experience. This is obviously not a sustainable business practice. Brands must therefore look to modern solutions for today’s complex robot problems.

An important method to mitigate the bot threat is to gain context. Not all bot attacks are overt. Often attackers go “low and slow” to stay below any detection threshold and not trigger any defenses that might block them. However, obtaining historical context helps security teams identify suspicious patterns and behavior to better protect against bots.

Whatever method you use to protect yourself, if your organization hasn’t already done so, now is the time to start preparing in earnest for the deluge of holiday shoppers. Acting now can be the difference between ensuring your customer experience remains positive and making your customers feel like they have a piece of coal in their storage.

Neil Weitzel is SOC Manager at ThreatX

DataDecisionMakers

Welcome to the VentureBeat community!

DataDecisionMakers is where experts, including data technicians, can share data insights and innovations.

If you want to learn more about cutting-edge insights and up-to-date information, best practices, and the future of data and data technology, join us at DataDecisionMakers.

You might even consider writing your own article!

Learn more about DataDecisionMakers

Leave a Comment