Fifth of Web Traffic Comes from Malicious Bots

Infosecurity Magazine | April 17, 2019

Fifth of Web Traffic Comes from Malicious Bots
Around a fifth of all web traffic last year was linked to malicious bot activity, with financial services hit more than any other sector, according to Distil Networks. The security vendor compiled its 2019 Bad Bot Report from analysis of a global network covering thousands of anonymized domains. It claimed to have discovered hundreds of billions of “bad bot” requests across this network, enabling large-scale, automated malicious activity including: web scraping, competitive data mining, personal and financial data harvesting, brute-force login and digital ad fraud, spam, transaction fraud and more. The report revealed 20.4% of traffic to be linked to this kind of activity. Although this was a slight drop from last year, nearly three-quarters (74%) of these bots are classified as “Advanced Persistent Bots” (APBs) which are able “to cycle through random IP addresses, enter through anonymous proxies, change their identities, and mimic human behavior.” In terms of ISPs, bad bot traffic was most likely to originate from Amazon (18%), while geographically, most traffic originated in the US (53%), according to the report. However Russia and Ukraine accounted for nearly half (48%) of blocking requests from Distil customers, given their notoriety.

Spotlight

"With every new data breach revealed or costly identity-theft case reported, consumer confidence in the security of online banking erodes. This loss of confidence in online services can have a direct impact on the ability of financial institutions to reduce costs and increase efficiency through the online-banking channel.Today, financial institutions offering Internet-based and mobile-banking services face increasing pressure to provide enhanced consumer protection against phishing, sophisticated malware (e.g., man-in-the-browser attacks, ZeuS, SpyEye, Ice IX, ransomware) and other fraudulent activities.

This primer outlines a necessary response to the increased number of identity fraud cases and continued threats from phishing, malware and man-in-the-browser attacks. Security threats will continue to evolve and financial institutions should invest in security platforms that provide the flexibility to implement new approaches and adapt to future challenges."

Related News

SOFTWARE SECURITY

To address the increasing demand for sensitive data protection, Netwrix and Stealthbits merge to address

prnewswire | January 04, 2021

Netwrix, a network safety merchant that makes information security simple, today declared a consolidation with Stealthbits, a network safety pioneer that shields delicate information and qualifications from assailants. The joined substance will keep on contribution its total arrangement of in excess of about six security arrangements pointed toward recognizing and distinguishing information security hazard just as ensuring, reacting and recuperating from network safety assaults. Terms of the exchange were not uncovered. Divided arrangements in the information security market keep associations from building thorough security techniques to ensure their delicate and managed information. To address this test, Netwrix and Stealthbits are uniting to use each other's mastery to widen item abilities and improve client experience. This will empower the consolidated association to offer seven center items crossing all components of information and data security, put resources into development to surpass the assumptions for existing clients and accomplices, and grow its client base worldwide. With more than 500 representatives and clients from in excess of 50 nations, the consolidated organization will work as Netwrix with Steve Dickson proceeding to fill in as its CEO and on the organization's Board of Directors. Steve Cochran, organizer and administrator of Stealthbits, will be a speculator in Netwrix and will serve on its Board of Directors. "We couldn't be more thrilled to be merging with the people and products of Stealthbits. Our combined organization can now offer data security solutions for any organization anywhere in the world," said Steve Dickson, CEO at Netwrix. "Stealthbits has always been driven to work with our customers to solve their most challenging credential and data security requirements. Combining our breadth of products and depth of expertise with that of Netwrix means our customers can quickly strengthen their security posture and address multiple projects and requirements through a single provider," said Steve Cochran, founder and chairman of Stealthbits. For a long time to come, clients, prospects and accomplices of each organization will keep on collaborating with each organization as they do today for deals, backing and accomplice action. Both Netwrix and Stealthbits are focused on straightforwardness and will educate their clients, prospects and accomplices of operational changes through this cycle throughout the next few months. About Netwrix Netwrix makes data security easy, thereby simplifying how professionals can control sensitive, regulated and business-critical data, regardless of where it resides. More than 10,000 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers. Founded in 2006, Netwrix has earned more than 150 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S. About Stealthbits Stealthbits Technologies, Inc. is a customer-driven cybersecurity software company focused on protecting an organization's sensitive data and the credentials attackers use to steal that data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements, and decrease operational expense.

Read More

Doble's Transient Cyber Asset Security Service a Hit among Top Electric Utilities, Demand Rises

Doble | July 01, 2020

Doble Engineering Company, a leader in power grid diagnostic solutions and subsidiary of ESCO Technologies Inc. (NYSE: ESE), today announced it has seen sustained growth in its Transient Cyber Asset (TCA) program. During the first half of 2020, the company achieved a record client renewal rate and strong customer acquisition growth, especially among the Fortune 500 and top electric utilities in the U.S.Doble's Transient Cyber Asset program is a comprehensive Managed Security Services (MSS) solution that supports electric utility field crews. As part of the offering, customers can choose from a range of rugged, special-purpose laptops or tablets, called Doble Universal Controllers (DUCs), or use their own transient devices. Doble's expert team hardens the devices to minimize cybersecurity risks and optimizes them for efficient field work. Doble's solution also includes remote management, 24/7 customer support, and compliance monitoring to ensure the devices remain secure and compliant to applicable regulations over their operational lifetime.Doble's Transient Cyber Asset program is growing due to the continuing evolution of the North American Electric Reliability Corporation's (NERC) critical infrastructure protection (CIP) cybersecurity standards. NERC CIP-003-8, which went into effect in January 2020, expanded transient cyber asset requirements to low impact substations, bringing many more power plants and utilities within scope of the security mandates.

Read More

Axis Security named a winner among the Top 100 Cybersecurity Startups for 2020

prnewswire | August 03, 2020

Axis Security, the secure application access company, today announced that is has been named a Top 100 Cybersecurity Startup for 2020.Axis Security competed against many of the industry's hot startups in cybersecurity for this prestigious award. Cyber Defense Magazine searched the globe and found over 3200 cybersecurity companies with nearly 30% in the startup range having been incorporated within the last 36 months or releasing their first round of innovative cybersecurity products and services. "We're pleased to name Axis Security as a winner among the Top 100 Cybersecurity Startups for 2020 in our second annual Black Unicorn awards. This award showcases those companies like Axis Security with this kind of incredible potential in the cybersecurity marketplace.

Read More

Spotlight

"With every new data breach revealed or costly identity-theft case reported, consumer confidence in the security of online banking erodes. This loss of confidence in online services can have a direct impact on the ability of financial institutions to reduce costs and increase efficiency through the online-banking channel.Today, financial institutions offering Internet-based and mobile-banking services face increasing pressure to provide enhanced consumer protection against phishing, sophisticated malware (e.g., man-in-the-browser attacks, ZeuS, SpyEye, Ice IX, ransomware) and other fraudulent activities.

This primer outlines a necessary response to the increased number of identity fraud cases and continued threats from phishing, malware and man-in-the-browser attacks. Security threats will continue to evolve and financial institutions should invest in security platforms that provide the flexibility to implement new approaches and adapt to future challenges."