IT Brief Asia - Technology news for CIOs & IT decision-makers
Story image
Cyber attacks on the rise due to skyrocketing bot traffic
Thu, 24th Mar 2022
FYI, this story is more than a year old

Cyberattacks, especially automated ones, of all kinds are on the rise, primarily due to skyrocketing bot traffic, according to new research from Sectigo.

The Report, conducted by Sectigo's website security company SiteLock, examined today's web-based threat landscape.

Small and medium-sized businesses are grappling with bot traffic that now accounted for 5.5 times more than human traffic in 2021, compared to 2020, with 2,306 weekly average bot visits per site. Further, the volume of human traffic decreased, indicating that malicious actors are using bots to scale their attacks and target unaware SMB website owners.

"While there are legitimate reasons for bots to visit a website like search engine crawlers and copyright scans, bots are also used for a variety of nefarious purposes," says Jason Soroko, CTO of PKI at Sectigo.

"Malicious bots can programmatically visit websites and identify vulnerabilities in code to execute their attacks, such as stealing data or inserting malware," he says.

"The public internet is a very dangerous place and is increasingly getting worse. Don't commit the fallacy of the underdog - SMB websites have enormous value to bad actors because they have customer data and can be used for phishing attacks," Soroko says.

"It's not just about fraud, either. If websites handle payments, they're obvious targets, too. The content management system platforms SMBs rely on may not protect against these threats. In fact, they are inherently difficult to secure," he says.

"SiteLock's new data underscores the importance of having a comprehensive website security solution in place to protect against these threats and establish digital trust in an increasingly digital world," Soroko adds.

"Even well-resourced enterprises struggle with this. In 2022 and beyond, specialised security tools are a necessity, not a luxury."

The research was conducted by Sectigo's website security protection and monitoring company, SiteLock. The 2022 SiteLock Annual Website Security Report explores the current website security landscape and trends from 2021. SiteLock analysed more than 14 million websites to determine the most prevalent cyber threats organisations face today.

Findings show that the threat landscape continues to grow and evolve, with particularly effective cyberthreats coming into focus, such as Filehacker (35 percent of infected websites with malware contained Filehacker) and Backdoor attacks (31 percent contained Backdoor).

The research found:

  • Ninety-three percent of websites infected with malware were not blacklisted. Thats nine out of 10 websites missed by search engines.
  • Websites are attacked 172 times per day, eight attacks per minute.
  • WordPress sites are 39 times more vulnerable than non-Content Management System (CMS) sites. Plus, plugins impact WordPress vulnerability. For every five plugins on a website, the risk of an attack is nearly double.
  • There are currently an estimated 4.1 million websites infected with malware worldwide.
  • Nearly half (48 percent) of SMB website owners believe they are too small to target, even though half of them have been breached.

"Given the broad range of threats, businesses require a comprehensive security solution. SiteLock is a suite of security products designed to protect SMBs attacks of all kinds," Soroko says.

"With SiteLocks risk assessment tool which analyses more than 500 variables to determine a websites risk level, SMBs can stay ahead of these evolving web threats and keep bad actors from disrupting their online presence."