Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Partner Perspectives  Connecting marketers to our tech communities.
6/7/2016
10:10 AM
Lynda Grindstaff
Lynda Grindstaff
Partner Perspectives
50%
50%

Bots -- Harmful Or Helpful?

As good bots grow in popularity and sophistication, bad bots will also grow in complexity to evade current tools and imitate humans.

There has been a lot of talk in the news lately about bots -- software web robots that run automated tasks over the internet. Bots typically perform simple and repetitive tasks much faster than humans can. There are personal assistant bots, chat bots, command line bots, and even app stores for bots. Facebook launched a bunch of new bots, Google has a home device with a bot built in, and Microsoft is in the bot game, too.

Bots have been around for several decades, but they are growing in popularity thanks to advances in machine learning and natural language processing algorithms. These new bots mimic humans, know your personal preferences, and act on your behalf, prompting conversation, answering questions, and making reservations or purchases. But are these bots safe to use, and can they be trusted?

Are Bots Trustworthy?

As with anything related to software, there are good software programs and bad ones; bots are no exception. Good bots come from reputable sources, perform useful tasks, and help their human counterparts be more productive. In fact, many good bots have been around for years with no incidents 

Bad bots are more active, generating up to twice as much internet traffic as good bots. As bot capabilities get more sophisticated, hackers are using bad bots to impersonate humans, troll the web for vulnerabilities, gather pricing information, or automate attacks. In some ways, bad bots are no different from other malware. They can infect files, steal credentials, send spam, invoke phishing attacks, run denial of service (DoS) attacks, and open backdoors into critical systems.

However, the bigger threats to your business may be price scraping, content theft, and product or service aggregation, cutting into your revenue and margins. We’ve recently heard about bad bots purchasing large amounts of entertainment tickets for resale at higher prices. Bots are also actively working to get your pricing information for competitors or discounters, stealing your content for reuse, damaging your search engine optimization (SEO), influencing your advertising, and skewing your analytics.

Your customers and employees are also being targeted, as bots try to steal personal information and credentials for aggregation and resale. These bots learn personal preferences, activities, and interests; watch your movements; and steal your confidential information without your knowledge. Additionally, cybercriminals could remotely control your computer and perform illegal activities such as stealing your intellectual property, spreading spam, and distributing malware via bots. As good bots grow in popularity and sophistication, bad bots will also grow in complexity to evade current tools and imitate humans.

How To Spot Bad Bots

Here are some tips for identifying bad bots:

  • Look at the country your traffic is coming from and verify that it is a legitimate place your company does business.
  • Study traffic that is originating from cloud data centers, which are often used by bots, both good and bad.
  • Consider “prove that you are not a robot” tests for critical information such as account signups and pricing or purchasing details.
  • Evaluate the benefits of two-stage login and form submission, using email, mobile phone, or other two-factor authentication techniques.
  • Frequently mine your traffic logs for domain names that are bot traffic and block them in your firewall.

Good and bad bots are probably here to stay, and they will continue to grow in capability as we learn more about natural language processing and expand machine-learning capacity. Security systems and defensive techniques will develop along with bot capabilities. What is your opinion of the opportunities and threats of bots? Let us know in the comment section below.

Lynda Grindstaff creates the future for Intel Security as the Senior Director of the Innovation Pipeline. In this role, Lynda leads a global team that brings the future to life for Intel Security through innovative strategies and prototypes. Her tenure with Intel spans two ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NarendranV
100%
0%
NarendranV,
User Rank: Apprentice
6/20/2016 | 6:13:43 AM
Try not to block legitimate users...
As you have mentioned, sophisticated bad bots mimic human behavior and try to bypass bot prevention technologies that may be in place. However, the improvements in machine learning, and intelligent bot detection techniques enhanced with inputs from data science experts that study bot patterns/behavior, will ensure that new bot threats are contained effectively. Also, advanced bot blocking techniques need to ensure that legitimate users do not get classified as bots. For example, some mobile browsers like Opera route their traffic through proxy servers for serving mobile-optimized pages to mobile clients. Proxy servers could have a different country of origin from the end user, or could be hosted in data centers. In that case, "looking at the country your traffic is coming from, and studying traffic from cloud data centers" need to be considered carefully so as not to block legitimate Web traffic and users.

Many online businesses are benefited by good bots. However, the business owners need to be aware of how bad bots can actually impact their businesses - and, it's promising to see many businesses acknowledging bot issues in the last couple years, than before.

Disclosure: I work for ShieldSquare, a real-time cloud-based bot prevention company.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...