Bots – The Backbone of Cyber Crime (First in a series)

IStock_000036693764_Large

“Necessity is the mother of all inventions.” But, unfortunately the knife cuts both ways—necessity also drives threat actors to innovate faster in order to keep their multi-billion dollar industry thriving. The FBI botnet report in 2014 stated: “According to industry estimates, botnets have caused over $9 billion in losses to U.S. victims and over $110 billion in losses globally. Approximately 500 million computers are infected globally each year, translating into 18 victims per second.” Bots reduce the time for an offensive, significantly tipping the balance in favor of the hackers. Bots also anonymize the identity of the attacker in control and can launch massive coordinated attacks against any service/application on the Internet.

Why then are bots still prevalent? Is getting rid of them harder than eradicating Polio? Sadly, when one botnet gets taken down, another botnet with more sophistication takes over without missing a beat. As long as there are profit-driven organized cyber crime rings, there will be malicious activity threatening the web landscape.

Is there no solution? Is it the dawn of cyber-nuclear apocalypse? Far from it, the Security industry is not complacent. The dynamics of the cybercrime ecosystem is becoming clear with a community approach to crime fighting. For instance, the Imperva Threat Radar threat intelligence feed is generated by a crowd-sourced platform and community of peers. The FBI botnet report also states “Through a collaborative process, the FBI hopes to launch aggressive and comprehensive mitigation strategies through joint investigations and operational partnerships with law enforcement partners, private industry, and academia.”

By harnessing the collective insight of Imperva SecureSphere WAF deployments around the world and correlating events from multiple reputation services, Threat Radar delivers crowd-sourced threat intelligence in near real-time to provide early detection and comprehensive defense against known malicious sources. Imperva ThreatRadar Bot Protection Services can accurately distinguish “good” vs. “bad” bots and take the right measures.  In the next part of the botnet blog, we will focus on botnet’s role in account takeover and how to mitigate them.