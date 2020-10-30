Nearly 90% of organizations say malicious bots are proving increasingly elusive to identify and … [+] destroy. getty

96% say good bots are important to the success of their organization’s eCommerce, yet 80% have lost revenue to bad bots.

81% of businesses often or very often deal with issues related to malicious bots.

80% say there has been an increase in the financial loss within their organization because of more complex and sophisticated bot attacks.

One in four say a single bot attack has cost them $500,000 or more in the past year and two in three say a single attack has cost $100,000 or more.

These and many other fascinating findings are from Kount’s 2020 Bot Landscape & Impact Report published earlier this week. The report’s methodology is based on interviews with online retail and eCommerce business employees with full-time roles related to fraud prevention, customer experience, payments and management. Please see page 3 of the study for additional details on the methodology.

The findings bring to light new insights into how businesses are using good bots, the breadth of the threat posed by different types of malicious bots and the state of bot mitigation and management. It is a fascinating read for anyone involved in cybersecurity in general and bots specifically. Key insights from the study include the following:

Malicious bots target every point of the customer journey with the greatest concentration of them attempting to breach Account Creation and Account Login sessions. Kount’s survey found that the sophistication of malicious bots is growing quickly. It’s common to find malicious bots designed for brute force or credential stuffing attacks, automated credit card testing to identify usable stolen credits cards, price and content scraping for competitive advantage and social bots designed to mislead or inflame users. Malicious bots are now being used to launch Distributed Denial of Service attacks (DDoS) to disrupt or take down a website or digital service.

Recommended For You

Kount’s 2020 Bot Landscape & Impact Report

Kount’s research found that malicious bot attacks can take hours to detect and stop and they’re costly. One in four companies reports a single malicious bot attack cost their organization more than $500,000. The quick-hit nature of malicious bots and the financial damage they can do in a very short time explains why Event-Based Bot Detection is becoming a high priority for retailers and any organization that relies on e-commerce for revenue. The majority of organizations surveyed, 58%, have had more than 50 bot attacks in the last twelve months, with more than a third of attacks taking longer than six hours to detect and stop. Just how financially destructive malicious bots can be is reflected in two-thirds of businesses saying a single attack cost their company more than $100,000 or more in lost revenue.

Kount’s 2020 Bot Landscape & Impact Report

Malicious bot attacks freeze organizations from generating revenue, taking care of customers and getting orders out the door to customers, creating costly chaos. Malicious bots can crash a website, steal customer information and create fake accounts. Malicious bot attacks have also frozen inventory, crippled customer service and stopping order fulfillment. The bottom line is malicious bots cost millions of dollars a year across organizations, making this area of cybersecurity a high priority for many CISOs and CIOs in digitally-driven industries, including online retailing and e-commerce.

Kount’s 2020 Bot Landscape & Impact Report

Nearly 90% of organizations say malicious bots are proving increasingly elusive to identify and destroy. Current cybersecurity applications and technologies aren’t always effective at created the adaptive response needed to identify and eradicate malicious bots from corporate networks. Web Access Firewalls, Content Delivery Networks and dedicated bot vendors have baseline functionality for controlling bots, but can be missing key functionalities needed by eCommerce businesses. Missing from all these solutions is an event-based approach to identifying malicious bot attempts, as well as distinguishing good bots, bad bots and questionable bots.

Current cybersecurity applications and technologies aren’t always effective at created the adaptive response needed to identify and eradicate malicious bots from corporate networks. Web Access Firewalls, Content Delivery Networks and dedicated bot vendors have baseline functionality for controlling bots, but can be missing key functionalities needed by eCommerce businesses. Missing from all these solutions is an event-based approach to identifying malicious bot attempts, as well as distinguishing good bots, bad bots and questionable bots. IT, Infrastructure and Cybersecurity teams own the problem of solving malicious bots in most organizations surveyed. As malicious bots impact revenue if they are successful, ownership for eradicating them is often shared across departments. When bots affect online transactions, fraud and web teams get involved. The following results from the Kount survey reflect the strong cross-functional focus organizations have to battle malicious bots as the totals sum to over 100%.

Kount’s 2020 Bot Landscape & Impact Report

Conclusion

Taking an event-based approach to bot detection based on AI and machine learning shows the potential to differentiate between good, questionable and malicious bot activity. Capitalizing on supervised and unsupervised machine learning algorithms makes it possible to identify those trustworthy bots or need to be blocked. Kount’s combining of its Identity Trust Data Network and deep expertise in AI and machine learning can identify and segment bots at key interaction points across the customer journey.

www.kount.com

Kount’s Event-Based Bot Detection takes a layered approach that links network, device, and behavioral characteristics to billions of trust and risk signals to assess risk in real-time and in the attack context. I find it unique and noteworthy about Kount’s approach to AI and machine learning for fraud detection because they rely on trust scores derived from their Identify Trust Data Network. It serves as a massive data set for training AI and machine learning models, combining network, device and behavior signals based on billions of transactions they have been monitoring since creating the network over a decade ago.

Source