Botnet attacks grow in frequency, variety

Gone are the days when the majority of tech systems used by customers were based on apps and APIs. Increasingly, customers are making use of bots to access their online services.

However, bots can act as malicious actors in an online environment. In fact, botnet attacks (in which networks of hijacked computer devices are used to carry out various scams and cyber attacks) are on the rise, and the number of different types of these attacks is growing too.

This was the word from Andre Combrinck, lead sales engineer of systems engineering at Citrix, speaking at ITWeb’s virtual Security Summit last week.

He was discussing the rise of zero trust and the secure access, secure edge principles amid the ever-increasing move to cloud computing, which has resulted in the rapidly developing world of micro services, and increased cyber security risks for businesses.

Quoting a Gartner report, Combrinck explained that APIs will form a larger surface area for attacks in 90% of Web-enabled applications by 2021. Most businesses are on the journey to modernise their applications, with micro services-based applications promising so much in terms of business agility but, like all applications, they need to be secured, he noted.

A wide variety

He said that not only are botnet attacks on the rise across the globe, but the number of variations of these attacks is also growing, and he provided a few examples: denial of inventory attacks, in which bots visit online shopping sites and load items into shopping carts; click fraud attacks, which see bots clicking on online adverts; credit card attacks, in which bots submit orders with details of various compromised credit cards at high speed in an attempt to find valid numbers; and account creation attacks, wherein bots use sign-up processes to create many fake accounts for subsequent misuse.

“Some attacks have specific outcomes such as an online shopping bot that prevents the legitimate buyers from accessing products on retailers’ Web sites - it's designed to affect the cash flow of the retailer.

“Most botnets currently feature distributed denial-of-service attacks in which multiple systems submit as many requests as possible to a single Internet computer or service, overloading it and preventing it from servicing legitimate requests. An example of this is an attack targeting clicks on certain advertisements which may have some commercial value or be tied to a rewards system. Other bot activity may appear to be innocent and come in the form of a fake user account, which can be used in launching other types of attacks,” he pointed out.

To achieve consistent maximum security across apps and multi-cloud, Combrinck suggested multiple measures of protection including bot management, API protection, visibility analytics, artificial intelligence and machine learning, Web app firewall and micro services app security.

“The sooner we can determine whether traffic is trusted or not the lower the latency on that traffic will become. To achieve a consistent security posture, we need the same level of protection for our micro services applications as we offer to our monolithic applications. This means catering for not only the North and South traffic, but also for the East and West traffic, which sits within the service mesh architecture,” concluded Combrinck.