ARTICLES

Protecting Enterprise from Bot Attacks

Human verification is an interesting topic: On the one hand, it is one of the original technical challenges addressed by the earliest computer scientists – including, of course, the great Alan Turing. His familiar Turing test is still one of the staple discussion topics in any university course on algorithms, and the famous test still represents an excellent and intuitive example of how software be intelligent.

One the other hand, however, human verification remains one of the most significant challenges for modern enterprise teams. Bot attacks are being used successfully every day by malicious actors to commit credit card fraud, takeover accounts, scrape websites, generate Spam, and many more exploits. These attacks are levied against applications, APIs, digital media, and much more. It’s not a great story.

Enter HUMAN. Previously known as WhiteOps, the New York-based company has been evolving its technology over the years. We were first introduced to HUMAN CEO and Co-founder, Tamer Hassan and his team back in 2018, when we first blogged about the company and its platform. We had the opportunity to catch up with the firm recently – and we heard quite a bit about their technical progress. Below is a summary of what we learned.

“The statistics on bot attacks are concerning,” explained Hassan. “Over three quarters of all current Internet exposures are being performed by automated bots, and their severity is just getting worse. We’ve seen these bots looking much more human, with all sorts of fake but highly realistic requests to websites and applications. This is done using stolen and compromised end-user devices.”

The flagship HUMAN Verification Engine works by collecting relevant traffic, interpreting this traffic between the transport and application layers (OSI layers 4 through 7), and then utilizing over three hundred and fifty different algorithms – many of which employ machine learning and statistical analysis – to identify whether a given source is human or not. Some specific use-cases have warranted additional custom algorithms.)

The human-or-not decision-making typically includes gathering information on the requesting device, software, application, and configuration. This data is correlated with thousands of related collections to help identify the nature of the source. Trained HUMAN analysts support the overall ecosystem by hunting for new threats that can help shed light on emerging botnets and botnet-related behaviors.

“The damage that automated attack tools can produce to the enterprise, as well as to specific business domains such as on-line advertising, cannot be underestimated,” said Hassan. “And the sophistication of the malicious threats has advanced to the point where traditional methods such as CAPTCHAs, CDNs and Web application firewalls (WAFs) just cannot detect the attacks. This helps to illustrate why an advanced platform is necessary to stop automated bot campaigns.”

From a TAG Cyber analyst perspective, bot mitigation is clearly essential to any organization for which website, API, or application transactions constitute a non-trivial portion of the business. For verticals such as on-line advertising, the threat is even more intense. This implies that CISOs and their IT partners should be designating programs, staff, and budget to dealing with this security problem.

The HUMAN BotGuard solution is obviously well-designed, and the security cases shared by Hassan and his team were impressive. They shared with us, for example, a situation in which a delivery company was trying to mitigate a staggering 70% of their inbound traffic coming from automated bots. Each 10% reduction was claimed by the client to literally save millions of dollars in reduced fraud.

Readers who handle on-line transactions – and especially on-line ads – should be including automated bot mitigation in their architecture. Sadly, most compliance programs have not strongly mandated this controls to date (an omission), but this should not sway a CISOs enthusiasm to proceed. And it would appear to our team at TAG Cyber that selection of the HUMAN BotGuard solution should produce good results.

So, give HUMAN a look – and as always, please share with us your experiences with any proof of concept, test, deployment, or operations projects. We look forward to hearing from you.