Malicious bots are one of the biggest threats of our connected society. Several factors make up the perfect scenario for increased risk.
The deployment of bot attacks is a growing and threatening reality. And the Internet of Things does nothing more than multiply the scope of risk. The large number of unsafe devices connected and the dependence of the cloud between business and people, together with the proliferation of unscrupulous cybercriminals, form the breeding ground conducive to its advancement.
The number of connected devices has grown substantially in recent years . In addition, most of these devices work with a version of Linux very committed to possible malware attacks. In this way, the Internet of Things offers access to a juicy network of devices capable of becoming a devastating tool for perpetrating DDoS and other attacks.
On the other hand, the emigration of companies to public clouds increases the number of targets available to cybercriminals. And to this must be added the proliferation of the ‘hacker economy’ , with the emergence of marketplaces in which everything is provided so that anyone can execute a cyber attack or hire someone to do it instead.
Radware has just published the report ‘When the bots come marching in. A closer look at the evolving threat from botnets, web scraping and IoT Zombies’ , in which he warns about the increased risk posed by malicious bots.
One of these threats is web scraping, which involves the use of a software tool that collects data from websites and uses them for different purposes , such as copying the content of a legitimate website and publishing it in another without knowledge or permission from the owner, compare prices, monitor data – climatology, stocks, etc. – or detect changes produced on websites. For example, there is a lot of relevant information for companies that can be public, such as air fares, hotels or services, prices of products, schedules, routes, calendars, doctors’ lists, etc.
This practice poses great risks to companies, including theft of intellectual property or data. Also, companies may experience a decline in their profits from the action of aggregators and price comparison websites or the possible leakage of information . In addition, the bot that performs the web scraping can make so many continuous requests that leads to a denial of service (DoS) situation.
Also, Radware warns that bots can be used to make botnets, authentic armies with which to execute automatic cyber attacks through zombie networks that take advantage of the vulnerability of Internet devices of Things. Among the most notable examples we find botnets like Hajime, Mirai or BrickerBot. This type of botnets allow to deploy DDoS attacks, seize networks of video surveillance, disable the devices of a certain network, etc.
To protect devices, the report recommends that you change the factory default credentialsof each device, disable Telnet access to all devices, check and update the firmwarefrequently, prepare in advance for more and more DDoS attacks in the near future , have an appropriate incident response plan in case of occurrence, conduct drills regularly to train the staff, and test and evaluate the effectiveness of the plan and analyze the behavior of the network and the user to detect traffic anomalies.