Botnet Attacks on the Rise: Companies to Invest Heavily in API Security

  • By Josie Witaschek
  • in
  • on July 22, 2021

Recently, companies are beginning to shift to the use of the cloud and expose functionality via Application Programming Interfaces (APIs). Cybercriminals have been taking this new exposed entry to their advantage as new technologies often lack the proper security.

With APIs becoming more commonly used in companies, cybercriminals have been using Botnets to carry out malicious attacks on them. CSO Mag describes a botnet as a collection of internet-connected devices that an attacker has compromised, they act as a force multiplier for individual attackers, cyber-criminal groups and nation-states looking to disrupt or break into their targets’ systems. Common in Distributed Denial of Service (DDoS) Attacks and can be used to easily send spam to the masses, steal credentials with ease, or by spying on people and organizations.

API bot attacks are, in particular, becoming a major issue for E-Commerce businesses. Since they are used to carry out the stealing of credentials and private information, this puts a big target on the backs of e-commerce businesses. Specifically, they are being hit by tactics such as price scraping, sneaker bots, grinch bots, and gift card stuffing. These tactics can be used to share pricing information with competitors, automate purchases, and find specific products online and purchase them. Research done by Imperva revealed that over 30% of traffic to e-commerce sites are bots, 18% of traffic to e-commerce sites comes from bad bots, with 24% of those bad bots being classified as sophisticated. With these attacks on the rise, it is ever important for companies, especially those in e-commerce to invest in bot and API security.

As of late, the situation is only getting worse. The Council to Secure the Digital Economy (CSDE) shared a report stating that a single botnet can include more than 30 million “zombie” endpoints and allow these cybercriminals to profit roughly six figures per month. This has a serious impact as these DDoS attacks threaten health and research facilities as well as government services around the world, with these attackers using the circumstances of the pandemic for their personal gain. Botnets have been used on social media platforms to spread disinformation about the pandemic to threaten the global dialogue surrounding it and using the demand for information to incorporate phishing scams. They have been also used to specifically target vendors of face masks and hand sanitizer as the pandemic caused an influx of customers making them a big target for botnet attacks.

A report by Radware states that APIs are the next big threat as they are used to process a variety of sensitive information such as payment information, user credentials, social security information, etc. making API security the most critical area for companies to invest in 2021. They also mention that 55% of organizations receive a DDoS attack on their APIs monthly yet only 24% of organizations have a dedicated solution for bot management.  For API Security, F5 Labs recommends a few best practices to protect your APIs against hacking.

  • Do not store information in APIs that are not meant to be shared
  • Don’t expose more data than necessary
  • Encrypt traffic using TLS
  • Inventory and manage your APIs
  • Use a strong authentication and authorization solution

To protect yourself against botnet attacks in general, Panda Security recommends some tips on how to avoid them.

  • Keep your operating system up-to-date
  • Don’t open files from unknown or suspicious sources
  • Scan all downloads before running the downloaded files, or find different ways of transferring files
  • Don’t click suspicious links
  • Install an antivirus program

Leave a Reply

PUBLISHED BY Josie Witaschek

View all posts by Josie Witaschek

Related Posts

Healthcare

Adam Myers, SVP and Chief Clinical Transformation Officer (CCTO) for the Blue Cross Blue Shield Association (BCBSA) Keynotes our Healthcare Providers and Payers Transformation Assembly

The Millennium Alliance is proud to announce Adam Myers will help start the 2022 season off strong with a keynote address at our upcoming Healthcare Providers and Payers Transformation Assembly on April 19-20. Myers is currently the SVP and Chief Clinical Transformation Officer (CCTO) for the Blue Cross Blue Shield Association (BCBSA), driving clinical transformation […]

#MillenniumLive , Healthcare , Interview , Podcast

#MillenniumLive on Patient Care Coordination with WellSky

#MillenniumLive welcomes Andy Eilert, President of Emerging Markets at WellSky. Andy joins us to chat about investment and growth in the healthcare payer space, care coordination at home, and WellSky’s industry-leading technology that’s enabling caregivers across the continuum. Watch the video interview below, or listen on Spotify, Apple, Amazon Music, Google Podcasts, or SoundCloud. About WellSky WellSky is a technology […]

CIO , Data

Jason Gislason, Chief Digital Officer at Chevron Phillips Chemical Company, Keynotes Our First Assembly of 2022!

The Millennium Alliance is proud to announce Jason Gislason will help start the 2022 season off strong with a keynote address at our upcoming Digital Enterprise CIO & Data Transformation Assembly on February 8-9, 2022. Gislason, currently the Chief Digital Officer at Chevron Phillips Chemical Company, has dedicated over two decades to transforming the Chemicals and […]

CIO , CISO , CMO , Data , Financial Services , Healthcare , Millennium Staff , Retail

Co-Founder of The Millennium Alliance Joins Young Presidents’ Organization (YPO)

NEW YORK – January 20, 2022 – The Millennium Alliance, an invitation-only organization for Senior-Level Executives and Business Transformers, has had the privilege over the past eight years of collaborating with many of the most accomplished C-Suite executives from across the globe. Millennium is excited to announce that its Co-Founder Alex Sobol is one of the newest […]

Lovin’ Digital Diary?

Premium content to our readers interested in all things business.

Check Us Out!

Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.

About Millenium Alliance Next

About Digital Diary

Created to provide premium content to our readers interested in all things business.

Launched in 2017, Digital Diary was created to provide premium content to our readers interested in all things business. With our blogs catered to deliver the top news stories, trends, and interviews from across all industries.

Read all story Next

Millennium Alliance Membership

Learn More Next

What does it mean to be a Millennium Member? In the midst of the constant disruption across all industries, our members are given the tools they need to digitally transform their organizations and become the best leaders they can be. Millennium Members are provided the exclusive opportunity to attend our 40+ intimate in person and virtual Assemblies, take part in industry-leading Executive Education sessions conducted by the nation’s leading academic institutions, business leaders, and technology providers and receive industry leading content through our Digital Diary Platform as well as the rapidly growing #MillenniumLive Podcast Series.