In our blog series on security trends, we’ve been diving deeper into the five security predictions for 2020 made by our CTO Kunal Anand during his fireside chat with Imperva CMO David Gee. Watch it here.
As I’ll discuss in my upcoming blog on defense-in-depth and reducing risk, being “connected” all the time, including via IoT devices, has serious implications for security. But by protecting APIs and other potentially weak points in an organization with a layered protection approach, you can thwart increasingly sophisticated cyberattacks. This is especially true when it comes to preparing for the expected rise in automated attacks.
The Rising Bot Problem
Any Internet-facing business has to acknowledge the bot problem that plagues websites, mobile applications, and the APIs that power them. After all, while almost 58 percent of web traffic comes from humans, the rest comes from bots. Bad bots alone account for almost 22 percent of all web traffic today. This number is only expected to increase.
As Anand puts it, automated attacks are a “really, really intractable problem right now because a lot of people are looking at stopping bot attacks through one specific channel. And today, it’s just really around web applications.”
Truly, as automated attacks increase over the next year in both scope and scale, they’ll most definitely be going beyond the web application.
That increasing number of IoT devices, estimated by Gartner to reach around 20.4 billion this year, in turn amplifies the risk of DDoS attack. Without any real security, networks of IoT devices are quite vulnerable to being hacked and controlled by malicious actors as an IoT botnet.
Automate Your Protection
From an attacker’s perspective, automated attacks on web applications and beyond are financially rewarding. DDoS attackers can expect to pay less than $60 to wreak havoc on an organization. These attacks can cause damages that cost enterprises an average of 2 million dollars per attack. So how do you defend your organization and your endpoints against the appeal of an attack?
It starts with fighting an array of automated threats with an automated defense system.
Luckily, Imperva’s global footprint and scale gives us the power to monitor and stop the biggest and most complex botnet attacks, even as they rapidly evolve and outsmart many other security solutions.
With Imperva Bot Management, we enable security and IT teams to mitigate automated attacks against not only applications but also APIs and mobile devices.
And with Imperva DDoS Protection services, we protect websites, DNS servers, entire infrastructures, and even individual IPs for clients who don’t own their entire networks and have hosted workloads in the cloud.
In 2019, Imperva mitigated some of the largest botnet attacks automatically, with no manual (human) intervention required, and without impact to our network or our infrastructure. This was made possible in part by our SD-NOC infrastructure service which allows our network to function as a global DDoS scrubbing center, capable of identifying DDoS attacks from any PoP (point of presence). It automatically shifts attack traffic away for optimal DDoS mitigation, and within our industry-leading 3-second SLA against any type of attack, of any size or duration. Guaranteed. Read more here about the largest DDoS attacks to date witnessed by our security team at Imperva Research Labs.
More Automation Forthcoming
As attackers become more proficient at and reliant upon automation to carry out malicious activity, machine learning and automation from Imperva will help you conserve security resources. Without relying on manual intervention, we can protect all your digital assets for the best end user experience and for assurance that your brand reputation remains intact.
As a company, we’re focusing even more on automation technology that has the firepower to protect you and your organization better. Stay tuned for more updates this year.
Featured Webinar: Take on 2020 with Vision. Imperva CMO David Gee sits down with Imperva CTO Kunal Anand to discuss all the trends you should watch for in 2020. Watch here.