A recent report from cybersecurity firm Netacea reveals that businesses in the US and UK are losing a significant portion of their online revenue due to malicious bot attacks. According to the report titled “Death by a Billion Bots,” which surveyed 440 businesses across various sectors, the average firm loses $85.6 million annually to bot attacks, representing a substantial increase from $33.3 million per business in 2020. This loss is claimed to be even higher than the average ransom payment or GDPR fine imposed on businesses.
The report highlights that 53% of these attacks originate from Russia or China, while 48% come from endpoints in Vietnam, although the actual threat actors may be located in different countries. The majority of these attacks, accounting for 65%, target mobile devices, followed by websites (63%) and APIs (40%).
Alarming statistics indicate that the severity of the problem is escalating. Almost all companies, 99% to be exact, that detected an automated attack reported an increase in attack volumes. Furthermore, 13% of these businesses labeled the increase as “significant,” indicating the intensifying threat landscape.
The report identifies various types of attacks employed by bots, with sniper bots being the most common, reported by 49% of the respondents. Sniper bots meticulously monitor time-based activities and submit information at the very last moment, which can be highly detrimental in dynamic pricing environments, particularly in the financial services sector.
Account checker attacks (45%), scraper bots (33%), gift card crackers (30%), and scalper bots (29%) were also frequently observed in these malicious activities. Each of these attack types poses unique risks and challenges for businesses, leading to financial losses and potential reputational damage.
Another concerning aspect of these bot attacks is the duration they go undetected. Netacea calculated the average “dwell time” to be four months, meaning these attacks can persist for a significant period before being discovered. Moreover, nearly all respondents (97%) stated that it takes over a month to respond to these automated attacks, indicating a delay in implementing effective countermeasures.
The impact of these attacks extends beyond financial losses, also affecting customer satisfaction and overall reputation. A staggering 88% of the surveyed businesses claimed that bots have impacted their customers’ satisfaction negatively. This highlights the importance of addressing bot attacks promptly and effectively to protect not only the bottom line but also the image and trustworthiness of the companies involved.
Andy Still, co-founder of Netacea, warns about the cumulative effect of these attacks, which are eroding millions of dollars in value from online businesses and tarnishing their operations and reputations. Still further emphasizes that since the fastest growth of bot attacks is observed in countries where law enforcement is limited, businesses should expect these attacks to proliferate in number.
In conclusion, the Netacea report sheds light on the significant revenue loss suffered by businesses in the US and UK due to malicious bot attacks. The escalating volume and sophistication of these attacks pose significant challenges for companies across various sectors. Addressing this issue promptly and implementing robust security measures are crucial to mitigate the financial and reputational risks associated with bot attacks.