Businesses in the UK are guilty of underestimating the threat posed by bot attacks, according to a new report from bot detection and mitigation specialists Netacea.
Polling businesses in the travel, entertainment, e-commerce and financial industries, the company found that the majority understand the most common attacks, such as credential stuffing or card cracking.
Most have also suffered a bot attack, but many seriously underestimate the prevalence of bots.
Companies believe bots are responsible for around 15 percent of their web application traffic, but Netacea claims that more than half of all the web traffic today is generated by bots, suggesting businesses are unaware of a “great deal of the bot traffic” on their sites.
Businesses also have no idea about the circles in which cybercriminals operate once customers' accounts have been compromised, with just just one percent aware of dark web marketplaces.
Online entertainment sites are the most confident in their ability to mitigate bot attacks, according to Netacea, with more than half claiming not to have been attacked in the past 12 months.
According to the majority of respondents, the responsibility for addressing bot attacks is shared by at least four departments, which usually end up “passing the problem along”, or even ignoring it completely.
“Current circumstances mean that businesses are relying on their online presence more than ever before,” said Andy Still, CTO, Netacea.
“This also means more opportunities for online criminal enterprises looking to increase their profits. And while the majority of businesses are not oblivious to the problem of bot attacks, the inevitable conclusion of this research is that this awareness is not leading to action.”
“High profile attacks, such as ransomware that locks down sites completely, have dominated the headlines recently, which may have led to this complacency. Bot attacks, while more subtle, can be just as devastating to a business, as accounts are stolen and sold on, card fees become crippling, and bad decisions are made on the basis of faulty data,” cautioned Still.