Dark Reading is part of the Informa Tech Division of Informa PLC


Partner Perspectives  Connecting marketers to our tech communities.
6/7/2016
10:10 AM
Lynda Grindstaff

Bots -- Harmful Or Helpful?

As good bots grow in popularity and sophistication, bad bots will also grow in complexity to evade current tools and imitate humans.

There has been a lot of talk in the news lately about bots -- software web robots that run automated tasks over the internet. Bots typically perform simple and repetitive tasks much faster than humans can. There are personal assistant bots, chat bots, command line bots, and even app stores for bots. Facebook launched a bunch of new bots, Google has a home device with a bot built in, and Microsoft is in the bot game, too.

Bots have been around for several decades, but they are growing in popularity thanks to advances in machine learning and natural language processing algorithms. These new bots mimic humans, know your personal preferences, and act on your behalf, prompting conversation, answering questions, and making reservations or purchases. But are these bots safe to use, and can they be trusted?

Are Bots Trustworthy?

As with anything related to software, there are good software programs and bad ones; bots are no exception. Good bots come from reputable sources, perform useful tasks, and help their human counterparts be more productive. In fact, many good bots have been around for years with no incidents.

Bad bots are more active, generating up to twice as much internet traffic as good bots. As bot capabilities get more sophisticated, hackers are using bad bots to impersonate humans, troll the web for vulnerabilities, gather pricing information, or automate attacks. In some ways, bad bots are no different from other malware. They can infect files, steal credentials, send spam, invoke phishing attacks, run denial of service (DoS) attacks, and open backdoors into critical systems.

However, the bigger threats to your business may be price scraping, content theft, and product or service aggregation, cutting into your revenue and margins. We’ve recently heard about bad bots purchasing large amounts of entertainment tickets for resale at higher prices. Bots are also actively working to get your pricing information for competitors or discounters, stealing your content for reuse, damaging your search engine optimization (SEO), influencing your advertising, and skewing your analytics.

Your customers and employees are also being targeted, as bots try to steal personal information and credentials for aggregation and resale. These bots learn personal preferences, activities, and interests; watch your movements; and steal your confidential information without your knowledge. Additionally, cybercriminals could remotely control your computer and perform illegal activities such as stealing your intellectual property, spreading spam, and distributing malware via bots. As good bots grow in popularity and sophistication, bad bots will also grow in complexity to evade current tools and imitate humans.

How To Spot Bad Bots

Here are some tips for identifying bad bots:

  • Look at the country your traffic is coming from and verify that it is a legitimate place your company does business.
  • Study traffic that is originating from cloud data centers, which are often used by bots, both good and bad.
  • Consider “prove that you are not a robot” tests for critical information such as account signups and pricing or purchasing details.
  • Evaluate the benefits of two-stage login and form submission, using email, mobile phone, or other two-factor authentication techniques.
  • Frequently mine your traffic logs for domain names that are bot traffic and block them in your firewall.
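
The country, data-center, challenge-test, and log-mining tips above, combined into one log triage pass (an added example, not part of the original article). The GeoIP table, data-center ranges, sensitive paths, and log lines are constructed stand-ins, and a match leads to a challenge rather than a block.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed stand-ins for a GeoIP database and cloud providers' published ranges.
EXPECTED_COUNTRIES = {"US", "CA"}
GEO = {"192.0.2.0/24": "US", "198.51.100.0/24": "CA", "203.0.113.0/24": "ZZ"}
DATACENTER = {"198.51.100.128/25": True, "203.0.113.0/24": True}
SENSITIVE = ("/signup", "/pricing", "/checkout")
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d{3} ')

SAMPLE_LOG = """\
192.0.2.10 - - [07/Jun/2016:10:10:01 +0000] "GET /pricing HTTP/1.1" 200 512
198.51.100.200 - - [07/Jun/2016:10:10:02 +0000] "GET /pricing?p=1 HTTP/1.1" 200 512
198.51.100.200 - - [07/Jun/2016:10:10:02 +0000] "GET /pricing?p=2 HTTP/1.1" 200 512
203.0.113.7 - - [07/Jun/2016:10:10:05 +0000] "POST /signup HTTP/1.1" 302 0
198.51.100.20 - - [07/Jun/2016:10:11:00 +0000] "GET /index.html HTTP/1.1" 200 700
not a log line
"""

def _lookup(ip, table):
    """Return the value of the first network in `table` that contains `ip`."""
    addr = ipaddress.ip_address(ip)
    for net, value in table.items():
        if addr in ipaddress.ip_network(net):
            return value
    return None

def triage(log_text):
    """Count hits per client and attach review reasons plus a suggested action."""
    stats = defaultdict(lambda: {"hits": 0, "sensitive": 0})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing
        ip, path = m.groups()
        stats[ip]["hits"] += 1
        stats[ip]["sensitive"] += path.startswith(SENSITIVE)
    report = {}
    for ip, s in stats.items():
        reasons = []
        if _lookup(ip, GEO) not in EXPECTED_COUNTRIES:
            reasons.append("unexpected-country")
        if _lookup(ip, DATACENTER):
            reasons.append("datacenter-origin")
        # Origin alone is a weak signal, so only challenge on sensitive pages.
        action = "challenge" if reasons and s["sensitive"] else "allow"
        report[ip] = {**s, "reasons": reasons, "action": action}
    return report
```

Calling `triage(SAMPLE_LOG)` returns one entry per client address with its hit counts, the reasons it was flagged, and the suggested action.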

Good and bad bots are probably here to stay, and they will continue to grow in capability as we learn more about natural language processing and expand machine-learning capacity. Security systems and defensive techniques will develop along with bot capabilities. What is your opinion of the opportunities and threats of bots? Let us know in the comment section below.

Lynda Grindstaff creates the future for Intel Security as the Senior Director of the Innovation Pipeline. In this role, Lynda leads a global team that brings the future to life for Intel Security through innovative strategies and prototypes. Her tenure with Intel spans two ...
Comments
NarendranV
User Rank: Apprentice
6/20/2016 | 6:13:43 AM
Try not to block legitimate users...
As you have mentioned, sophisticated bad bots mimic human behavior and try to bypass bot prevention technologies that may be in place. However, the improvements in machine learning, and intelligent bot detection techniques enhanced with inputs from data science experts that study bot patterns/behavior, will ensure that new bot threats are contained effectively. Also, advanced bot blocking techniques need to ensure that legitimate users do not get classified as bots. For example, some mobile browsers like Opera route their traffic through proxy servers for serving mobile-optimized pages to mobile clients. Proxy servers could have a different country of origin from the end user, or could be hosted in data centers. In that case, "looking at the country your traffic is coming from, and studying traffic from cloud data centers" need to be considered carefully so as not to block legitimate Web traffic and users.

Many online businesses are benefited by good bots. However, the business owners need to be aware of how bad bots can actually impact their businesses - and, it's promising to see many businesses acknowledging bot issues in the last couple years, than before.

Disclosure: I work for ShieldSquare, a real-time cloud-based bot prevention company.