OpenAI Bans Iranian ChatGPT Accounts Used for Interfering in the Upcoming U.S. Election
Published on August 19, 2024
After investigating hundreds of billions of bad bots requests in 2018, Distil Networks, bot mitigation company, reveals that bot attack sophistication is continually evolving, as attackers adapt to dodge detection.
Bots are automated tools or scripts that are designed with specific tasks in mind. Basically, they can do in seconds what it would take humans to do in hours, which makes them economically efficient. Like anything on the Internet, bots are both good and bad. The good ones work for companies like Google who crawl the Internet to find all the information you need to see when you search for something. The bad ones work for attackers, fraudsters, hackers, and more.
"They can easily automate nefarious activity, including web scraping to steal content or pricing information, account takeover, transaction fraud, denial of service, competitive data mining, unauthorized vulnerability scans, spam or click fraud. As the sheer volume, sophistication, and business damage of these attacks grow, bad bots put a costly strain on IT staff and resources," Distil Networks' Edward Roberts, senior director of product marketing, told TechNadu. "Perhaps the most widely recognized use case for bad bots is on social media, as a result of interference in the 2016 U.S. Presidential election. In this case, bots can be used to create fake accounts, aggregate and manage those accounts and magnify one person’s agenda so to seem more widespread than it really is. Political bots, in particular, can be used to exaggerate politicians’ popularity and manipulate the public conversation."
Of course, bad bots can be used to exploit all kinds of goods and services online, from concert tickets to airline tickets, to gift cards and so on.
In 2018, The Bad Bot Report shows, 1 in 5 website requests, or more than 2% of web traffic, came from bad bots. Almost three-quarters of these bots are classified as "Advanced Persistent Bots" which means they can cycle through random IP addresses, enter through anonymous proxies, change identities and mimic humans. Also, as a side note, Amazon is the leading ISP for originating bad bot traffic, leading the list with 18% of traffic.
Another important detail is that more than 53% of bot traffic originates from the United States, but Russia and Ukraine combined makeup nearly half of country-specific IP block requests. Financial services were big on the attacker's radars with 42.2% of traffic coming from bad bots. The Ticketing industry also had over 39% of traffic coming from the same actors, while the Education sector saw nearly 38% of all traffic produced by bad bots.
Since Distil is one of the leading fighters against bad bots in the world, we asked exactly what methods they deploy to detect and snuff out bad bots. In short, they mix various methods to combat these bots, including vigilant service, superior technology, and industry expertise.
"Distil collects and analyzes data about each device and its behavior as it roams your website, then pinpoints anomalies specific to your site’s unique traffic patterns. An ensemble of machine learning models identifies bad bot behavior across all Distil-protected sites. Along with other real-time intelligence, this is fed through our database of known violators—the world’s largest—and shared with all Distil customers 24/7," Roberts added. "Biometric data validation, such as mouse movements (velocity, click, drag, scroll, swipe, and accelerometer data), catch botnets that use malware to hijack real devices. You can set rate limits based on device fingerprints—not IPs—to govern pages per minute, pages per session, and session length."
Bots can be great if used for good, but they can obviously also be quite dangerous, crawling for information that could help attackers crack open highly important accounts that can damage your online security and, who knows, even your credit score if the wrong accounts are hacked in.
So, what do you think of the bad bots problem? Let us know in the comments section below. Please share the article online and follow TechNadu on Facebook and Twitter for more tech news, guides, reviews, and interviews.