It’s A Brave New Bot-Filled World, With Great Possibilities And Even Greater Risks

‘Bots’ short for robots, are essential to the Internet ecosystem. It is estimated that more than 60 percent of botwebsite traffic is not human, but bots. Bots are essentially software programs that perform automated, repetitive, pre-defined tasks.  These tasks can include almost any interaction with software that has an Application Program Interface (API).

There are many varieties of bots. Some are just basic programs that execute physical work such as ‘Crawlers’ who run continuously in the background, primarily procuring data from other APIs or websites. Then there are specialized crawlers called ‘Spiders’ that extract URLs from documents, download the content and then pass it off to an indexing system to analyze, and construct into searchable indexes like Googlebot. Some only monitor e-commerce websites for price changes, and still, countless others, monitor for site errors, bugs, and performance issues. However this is not the end of the story, but merely just the beginning.

The evolution of bots focuses on the boundless possibilities and opportunities for both businesses and individuals. Add in Artificial Intelligence (AI), Machine Learning (ML), and Natural Language Processing (NLP) all of which enable greater accuracy in understanding both spoken and typed words are bringing never-before-imagined levels of personalization and predictive assistance to generations of mobile-intuitive consumers who are content and self-assured with messaging as a communication paradigm.

These smarter bots have a unique server-side processing component that allows seamless interaction as they are able to understand and respond to queries balanced with a live network for assistance. We interact with these bots through Mobile messaging and/or Chatbots. These natural language interfaces enable retailers, restaurants, and multitudes of other companies to communicate with customers in an innovative and compelling way from hailing a cab, ordering takeout, designing that unique pair of shoes, or paying your credit card bill.

Then there are the autonomous bots, the most rapidly accelerating bot space which includes the Internet of Things (IoT) devices encompassing the self-driving car; to  ‘Amy Ingram,’ a virtual assistant; to Amazon’s Delivery Drones. These bots will eventually require zero human intervention to their jobs.

In contrast, no conversation about bots would be complete without an overview of the Malicious bots which are capable of causing enormous damages to organizations network infrastructures, reputations, brands or their bottom lines.

As technology advances and becomes more easily accessible, bots are becoming the go-to tool of choice for cybercriminals accounting for over 80 percent of all cyberattacks. Add in human characteristics from AI, and these bots become harder to detect by the authorities. While other malicious software corrupts and damages the infrastructure of their targets, these advanced bots are also known as ‘Impersonators’ infect networks in a way that escapes the immediate notice, and the damages can quickly run into the millions.

Here’s how it works: Cybercriminals use Social Engineering techniques such as Phishing, spam, or malicious websites to entice users to download and install various forms of malware, i.e., malicious software including

Traditional-Botnet

A malicious bot, also known as a “Zombie,’ not unlike a worm, is self-propagating malicious software designed to infect a host and connect to a C&C or central command and control server(s). Bots are part of a network of infected computers, known as a ‘botnet,’ which can stretch across the globe controlled by a ‘botnet herder.’

No network is immune.

Once the botnet infiltrates, they go to work logging keystrokes, collecting passwords, amassing e-mails, gathering financial information, spreading spam, capturing and analyzing packets, hijacking servers, and launching Distributed Denial of Service (DDoS) attacks.

DDoS attacks are an ever-growing threat to businesses, growing in both scope and DDos-attack-modeoccurrence every year. Moreover, they are becoming harder to thwart because the attacks are allocated across sundry public anonymous proxies including TOR enabling the substitution of users’ IP addresses with untraceable proxies.

A discussion of impersonators would not be complete without the mention of Googlebot-again. These imposter bots gain privileged access and capture tons of sensitive, valuable online information. Additionally, they are utilized for DDoS attacks. According to the folks at Incapsula, ‘1 out of 25 bots are up to no good.’ Source: Incapsula

two-faces-of-google-dr-crawlit-mr-hack

Cybersecurity is often described as an arms race, Security professionals vs. Cybercriminals. Both sides are tirelessly working to stay ahead of each other. When one side finds a newer more resilient defense, the other side develops a shrewder more destructive offense. What was a sure thing today, is sure to be old news tomorrow. Never stop learning.

Protecting yourself and your organization requires immediate action. 

  • Never open e-mails from unknown senders.
  • Never download attachments or click on links from unknown senders.
  • Never click on pop-ups.
  • Never insert an unknown USB stick into your PC, Laptop, etc.
  • Never store sensitive or critical data only on your PC. Have at least two backups– an external hard drive and in the cloud.
  • Adjust your browsers’ security and privacy settings.
  • Use an HTTPS connection for all credit card transactions.
  • Keep your operating system and software up to date.
  • Never log in as an administrator. Rather choose a guest with limited privileges.
  • Removed outdated plugins and add-ons.
  • Disable ActiveX content in Microsoft Office applications.
  • Block TOR and I2P.
  • Disable remote desktop.
  • Use an anti-virus product.
  • Use a traffic filtering solution that can provide proactive anti-ransomware protection.
  • Block binaries running from %APPDATA% and %TEMP% paths.
  • Work with the C-Suite to enact social engineering awareness training for all employees.
  • Consider a Computer Incident Response Team (CIRT), based on the organization’s needs and available sources.
  • Have a tested business continuity plan in the event of any cyberattack.

P.S., I am not a bot annie2

Cybersecurity is a shared responsibility. Stop. Think. Connect.