A recent study conducted by Kasada revealed that 98% of organizations that were targeted by automated bots in the past year suffered revenue losses as a direct consequence of these attacks. Web scraping, also known as web crawling, emerged as a major threat, closely followed by account fraud. More than one third of IT/IS specialists reported that their organizations experienced over a 5% revenue loss due to each of these types of attacks.
According to the survey findings, traditional bot mitigation solutions are proving to be inadequate in effectively combating these threats. The report surveyed security and technology professionals from companies that were already utilizing bot management tools, with 67% of them using CDN-based bot detection. Surprisingly, 30% of respondents disclosed that their organizations had dedicated $1,000,000 or more to mitigating bot attacks over the past year.
Despite the substantial financial investments made in bot mitigation efforts, the effectiveness of traditional solutions is diminishing rapidly. Only 1 in 5 respondents claimed that their chosen bot mitigation solution retained its effectiveness for more than 12 months after initial deployment. As a result, a staggering 79% expressed their intent to switch to alternative bot mitigation providers based on detection accuracy and efficacy.
The allocation of bot management budgets also highlighted a reactive approach to addressing these threats, with 63% of funds being directed towards ongoing management and remediation, as opposed to the cost of the mitigation solution itself, which accounted for 37%. This reactive strategy underscores a critical need for more proactive and dynamic approaches to combating bot attacks.
Sam Crowther, CEO of Kasada, emphasized the evolving nature of cyber threats posed by financially-motivated adversaries and the increasing sophistication of new technologies like AI, which are making it easier for attackers to exploit vulnerabilities. Crowther stressed the importance of adopting bot mitigation strategies that are quick to evolve, challenging to evade, and imperceptible to customers.
Furthermore, concerns surrounding AI-driven fraud have emerged as a pressing issue among organizational leaders, with 87% of IT/IS specialists noting that their executive teams are apprehensive about bot attacks and AI-driven fraud. The potential for AI to facilitate more complex and frequent bot attacks was a major point of concern, particularly scenarios involving generative AI enabling cybercriminals to execute sophisticated attacks with greater ease.
Of particular concern to IT/IS specialists were AI-powered bots surpassing CAPTCHAs, as well as the heightened frequency of advanced attacks that could disrupt organizational operations significantly. Additionally, the study revealed that a significant percentage of organizations had experienced substantial revenue losses as a result of various forms of cyber threats, including web scraping, account fraud, and SMS pumping/toll fraud.
Overall, the findings underscore the urgent need for organizations to revamp their approach to bot mitigation and cybersecurity in response to the evolving threat landscape. Proactive measures, coupled with innovative technologies, are essential to safeguarding against the growing risks posed by automated bots and AI-driven attacks in today’s digital ecosystem.