Automation and bots have the potential to transform the fintech market for the better, but if misused, malicious bots can remain undetected for months, costing companies $85.6 million annually, equivalent to approximately 50 average ransomware payouts, according to research by Netacea. Their report, titled “Death by a Billion Bots: The Growing Business Cost of Malicious Automation,” highlights that the majority of these attacks occur in the US (48%), with the UK facing 37% of attacks. Europe, excluding the UK, only experiences 9% of such attacks, while the rest of the Americas, excluding the US, sees 7% of attacks.
The research surveyed 440 businesses with an average online revenue of $1.9 billion across various sectors. It also identifies China (72%) and Russia (66%) as the primary sources of these attacks, with Vietnam also emerging as a significant hub.
The report reveals that over 75% of all attack traffic in Europe originates from Russia, with attacks from Russia increasing by 82% in two years and rising by 11% after sanctions were imposed in early 2022.
Examining the evolution of bot attacks, the report notes that website attacks have remained steady at around 65%, while API attacks have almost doubled from 23% in 2020 to 40% in 2022. Mobile app attacks followed a similar trend, increasing from 46% to 65%.
The report underscores the growing threat of automation attacks, which are harder to detect and can chip away at businesses over time. In 2022, 99% of companies detecting automated attacks reported increased attack volumes across all forms. The cumulative impact of these attacks, dubbed “death by a billion bots,” leads to substantial financial losses, damaging reputations and operations. The research indicates that businesses lose an average of 4.3% of online revenues annually, amounting to $85.6 million, and it takes an average of four months to detect these attacks, further compounding their impact. Responding to malicious automation takes over a month for 97% of organizations.
By FCCT Editorial Team