Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Partner Perspectives  Connecting marketers to our tech communities.
6/7/2016
10:10 AM
Lynda Grindstaff
Lynda Grindstaff
Partner Perspectives
50%
50%

Bots -- Harmful Or Helpful?

As good bots grow in popularity and sophistication, bad bots will also grow in complexity to evade current tools and imitate humans.

There has been a lot of talk in the news lately about bots -- software web robots that run automated tasks over the internet. Bots typically perform simple and repetitive tasks much faster than humans can. There are personal assistant bots, chat bots, command line bots, and even app stores for bots. Facebook launched a bunch of new bots, Google has a home device with a bot built in, and Microsoft is in the bot game, too.

Bots have been around for several decades, but they are growing in popularity thanks to advances in machine learning and natural language processing algorithms. These new bots mimic humans, know your personal preferences, and act on your behalf, prompting conversation, answering questions, and making reservations or purchases. But are these bots safe to use, and can they be trusted?

Are Bots Trustworthy?

As with anything related to software, there are good software programs and bad ones; bots are no exception. Good bots come from reputable sources, perform useful tasks, and help their human counterparts be more productive. In fact, many good bots have been around for years with no incidents 

Bad bots are more active, generating up to twice as much internet traffic as good bots. As bot capabilities get more sophisticated, hackers are using bad bots to impersonate humans, troll the web for vulnerabilities, gather pricing information, or automate attacks. In some ways, bad bots are no different from other malware. They can infect files, steal credentials, send spam, invoke phishing attacks, run denial of service (DoS) attacks, and open backdoors into critical systems.

However, the bigger threats to your business may be price scraping, content theft, and product or service aggregation, cutting into your revenue and margins. We’ve recently heard about bad bots purchasing large amounts of entertainment tickets for resale at higher prices. Bots are also actively working to get your pricing information for competitors or discounters, stealing your content for reuse, damaging your search engine optimization (SEO), influencing your advertising, and skewing your analytics.

Your customers and employees are also being targeted, as bots try to steal personal information and credentials for aggregation and resale. These bots learn personal preferences, activities, and interests; watch your movements; and steal your confidential information without your knowledge. Additionally, cybercriminals could remotely control your computer and perform illegal activities such as stealing your intellectual property, spreading spam, and distributing malware via bots. As good bots grow in popularity and sophistication, bad bots will also grow in complexity to evade current tools and imitate humans.

How To Spot Bad Bots

Here are some tips for identifying bad bots:

  • Look at the country your traffic is coming from and verify that it is a legitimate place your company does business.
  • Study traffic that is originating from cloud data centers, which are often used by bots, both good and bad.
  • Consider “prove that you are not a robot” tests for critical information such as account signups and pricing or purchasing details.
  • Evaluate the benefits of two-stage login and form submission, using email, mobile phone, or other two-factor authentication techniques.
  • Frequently mine your traffic logs for domain names that are bot traffic and block them in your firewall.

Good and bad bots are probably here to stay, and they will continue to grow in capability as we learn more about natural language processing and expand machine-learning capacity. Security systems and defensive techniques will develop along with bot capabilities. What is your opinion of the opportunities and threats of bots? Let us know in the comment section below.

Lynda Grindstaff creates the future for Intel Security as the Senior Director of the Innovation Pipeline. In this role, Lynda leads a global team that brings the future to life for Intel Security through innovative strategies and prototypes. Her tenure with Intel spans two ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NarendranV
100%
0%
NarendranV,
User Rank: Apprentice
6/20/2016 | 6:13:43 AM
Try not to block legitimate users...
As you have mentioned, sophisticated bad bots mimic human behavior and try to bypass bot prevention technologies that may be in place. However, the improvements in machine learning, and intelligent bot detection techniques enhanced with inputs from data science experts that study bot patterns/behavior, will ensure that new bot threats are contained effectively. Also, advanced bot blocking techniques need to ensure that legitimate users do not get classified as bots. For example, some mobile browsers like Opera route their traffic through proxy servers for serving mobile-optimized pages to mobile clients. Proxy servers could have a different country of origin from the end user, or could be hosted in data centers. In that case, "looking at the country your traffic is coming from, and studying traffic from cloud data centers" need to be considered carefully so as not to block legitimate Web traffic and users.

Many online businesses are benefited by good bots. However, the business owners need to be aware of how bad bots can actually impact their businesses - and, it's promising to see many businesses acknowledging bot issues in the last couple years, than before.

Disclosure: I work for ShieldSquare, a real-time cloud-based bot prevention company.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.