Imperva report reveals record climb in bad bot traffic
Malicious bot traffic climbed to record highs in 2020, new research by leading security firm Imperva reveals. Healthcare websites, such as those providing information on COVID-19 vaccinations, were particular targets.
The 2021 Imperva Bad Bot Report is the eighth annual global in-depth analysis of bot traffic across every industry. The latest study finds that last year witnessed the highest percentage of bad bot traffic (25.6%) since the inception of the report in 2014, while traffic from humans fell by 5.7%. More than 40% of all web traffic requests originated from a bot last year, suggesting the growing scale and widespread impact of bots in daily life.
Key findings include:
⦁ Bots are targetting COVID-19 vaccine appointment sites. Imperva Research Labs monitored a 372% increase in bad bot traffic on healthcare websites since September 2020. More recently, as vaccines became available to more age groups, Imperva Research Labs recorded bot activity at rates of 12,000 requests per hour. For health systems, pharmacies and retailers involved in the vaccine rollout, bots could disrupt the supply chain by polluting the network and make it harder for legitimate users to access appointment scheduling services.
⦁ Scalper bots took advantage of the global pandemic. These bots use automated methods to secure goods, and throughout 2020 were used to stockpile commodities. At the beginning of the year, bots were used to hoard large inventories of face masks, sanitisers, detergents, home workout equipment and more.
⦁ Bots involved in account takeover fraud increased. Businesses with a login page on their website are under continuous credential stuffing and credential cracking attacks. In 2020, 34% of all login attempts originated from malicious bots. This is a particular concern for healthcare.
⦁ The United States is both the most attacked nation and largest host of bad bots. For a seventh consecutive year, the US was the most attacked nation by bad bots (37.2%) with China (8.3%) and the United Kingdom (6.9%) following behind. Bad bots were often launched from the same country they were targeting - the US is the leading country where bad bots are hosted (40.5%).
Commenting on the report, Edward Roberts, Director of Strategy and Application Security at Imperva said: “As we’ve monitored over the past eight years, bad bots continue to ravage the internet, while attack characteristics are becoming more advanced and nuanced over time.
“Throughout the past year and during a global pandemic, bad bots have thrived by targeting new markets and the impacts are now felt by everyday consumers. Bad bots must be a top concern for businesses and security practitioners in 2021 as the problem is likely to grow. Organisations must take proactive action to secure their websites, applications and APIs from these threats as bots are increasingly involved in fraudulent activity that can be a source of reputational and financial damage.”
Read our article featuring Terry Ray, SVP at Imperva, discussing how healthcare providers can protect themselves from cyber attacks in Healthcare Global's latest magazine
Microsoft launches Tech for Social Impact for elderly care
Microsoft Tech for Social Impact, the tech giant's division offering tools for non profit organisations, has announced it is expanding to include aged care non profits around the world.
This means that non profit organisations helping elderly residents in nursing homes or with other daily support will now be eligible for technology grants and discounts of up to 75%, as well as training and capacity building to help with digital transformation.
The care home sector has been one of the hardest hit by the COVID-19 pandemic, caring for some of the most vulnerable people in society. As a result organisations around the world have been deploying innovative technologies, such as IoT to create monitoring solutions that enable independent living, through to AI-driven robots that provide companionship as well as alert the user's care team if there are any changes to their symptoms.
The German Red Cross (DRK) is an early adopter that is already benefitting from this programme expansion as part of Microsoft Tech for Social's pilot scheme. DRK provides services and assistance to over 40,000 people at more than 500 aged care facilities in Germany, with a further 90,000 receiving care in their own homes.
Thanks to Microsoft 365 cloud technologies such as SharePoint and OneDrive, along with Teams for communication, DRK was able to continue its daily work even at the height of the pandemic crisis. Residents of DRK facilities used Teams to keep in touch with relatives despite restrictions to visits, and there are plans to continue using these channels in the future to prevent isolation among residents.
Following the pilot’s success, the programme will offer discounts and grants to eligible organisations for its Microsoft cloud stack including Business Applications, Azure and Modern Work, leveraging the firm's sector-specific tools with Microsoft Cloud for Nonprofit which will be generally available in the second half of 2021.
Microsoft estimate that around 75,000 new non profit organisations around the world will be eligible for the programme.