Research Highlights Bot Defense Performance Across 1,000 Top Websites in Consumer Services, Financial, Government, News and Media and Retail Sectors
San Francisco, CA. Distil Networks, Inc., the global leader in bot detection and mitigation, today announced the findings of a new study that evaluated how top websites performed when attacked by advanced, evasive, simple and crude bots. This data was revealed today as one criterial component of the Online Trust Alliance’s (OTA) Online Trust Audit. Now in its 8th year, the Audit and Honor Roll recognizes excellence in the adoption of best practices in consumer protection, security and responsible privacy practices. The audit evaluated the top websites in retail, financial services, consumer services, OTA members, news and media, and top U.S. government agencies. The data revealed a record 50 percent of sites have qualified for the Honor Roll, up from 30 percent just two years ago. At the same time, the audit identified concerning gaps in site security and data privacy practices.
Bots are used by competitors, hackers and fraudsters and are the key culprits behind web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, data theft, unauthorized vulnerability scans, spam, man-in-the-middle attacks, digital ad fraud, and downtime. Bots vary in volume and sophistication, but all place an increasing burden on IT security and web infrastructure teams across the globe and wreak havoc across online operations big and small.
“Bots, especially Advanced Persistent Bots (APBs) are evolving in sophistication because of their polymorphic nature and quick deployment to access sensitive information and reap monetary benefits. Our 2016 Bad Bot Landscape Report found over 88 percent of all bad bot traffic last year was made up of APBs – bots that mimic human behavior,” said Rami Essaid, CEO and co-founder of Distil Networks. “OTA’s Trust Audit continues to set the bar for best practices, including evaluation of bot risk. We support OTA’s efforts to promote best practices in the industry and are troubled to find that most companies are failing to keep their defenses up to the sophistication level of today’s advanced and evasive bots. This is concerning, as bots can easily paralyze website infrastructure, pirate entire online directories and destroy a company’s competitive advantage.”
“The 2016 Online Trust Audit revealed record levels of sites qualifying for the Honor Roll, yet we are seeing increased threats which underscores the importance of taking a comprehensive view of sites’ security,” said Craig Spiezle, executive director of Online Trust Alliance. “A site is only as strong as its weakest link. Left unchecked, bad bots threaten the resilience and trust of the internet.”
Distil Networks tested each of the 1,000 websites included in the Online Trust Audit on their ability to defend against bot attacks of different sophistication levels. These included:
- Browser automation bots (Advanced bots)
- Hidden legitimate browser bots (Evasive bots)
- Bots lacking well-formed web browsers (Simple bots)
- Those bots acting as bots (Crude bots)
Detection rates by vertical
| Vertical | Crude | Simple | Evasive | Advanced |
| Consumer Services | 75 percent | 18 percent | 4 percent | 1 percent |
| Government | 70 percent | 7 percent | 0 percent | 0 percent |
| Financial Services | 65 percent | 12 percent | 0 percent | 0 percent |
| News and Media | 64 percent | 7 percent | .09 percent | .09 percent |
| Retailers | 78 percent | 11 percent | 1.6 percent | .08 percent |
| Members | 67 percent | 13 percent | 1 percent | 1 percent |
[su_box title=”About Distil Networks” style=”noise” box_color=”#336588″][short_info id=’73666′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.