Radware has been tracking the numbers and the causes. In an interview with iTWire Yaniv Hoffman, Radware’s Vice President Technologies based in Hong Kong, explained how the vastly increased number of people working from home has made it easier for the so-called ‘bad guys’.
“The COVID-19 pandemic has accelerated digital transformation in many companies, with many more businesses moving fully online,” said Hoffman.
“We now have record number of people accessing online systems as many more employees are working remotely. We also see many more people signing up to eCommerce platforms.
“The lockdown caused by the pandemic has also meant a significant increase in the use of entertainment services for video streaming and online gaming.”
Hoffman said that increased dependencies on these online services , and the big increase in working from home, has meant that cyber attacks are having a much greater impact.
“Our research shows that from February to April cyber attacks globally increased by 30% to 40%. The remote office has become a significant resource, but also a significant weakness.
“We have to ensure the availability of remote workers or we are risking the productivity of the organisation,” he told iTWire. “Bad bots are responsible for distributed denial of service (DDoS) attacks, which have nearly doubled during the lockdown, and nearly quadrupled in the government sector. Radware’s software alone blocked more than 80 million web attacks in March.”
Hoffman explained that more than half of all Internet traffic today results from automated programs that perform routine tasks. These are called bots, short for robots.
“But there are good bots and bad bots. Good bots help us to accelerate business processes and data collection. Google’s search engine is a good bot. Travel bots like booking.com or trip.com are good bots that help us book our vacation. There are many others.
“But there are also bad bots built by cyber criminals that target websites, mobile application and APIs. We estimate around half of all automated Internet traffic is from bad bots.
“As technology and automation has become more advanced, bad bots are getting more sophisticated. They do a better job of mimicking human behaviour, through such techniques as simulating keystrokes and mouse movements to tweak security screening.
“These sophisticated bots can take over user accounts, they can scrape data, they can alter inventory details and generally disrupt services,” said Hoffman. “And more than three quarters of user organisations have cybersecurity systems that are unable to distinguish between good bots and bad bots.
“This is having a severe impact. Since the COVID-19 lockdowns began we have seen many more successful phishing attempts. Every organisation with a public facing application should have a bot manager to protect them.”
Radware is one of the leading cybersecurity vendors combatting bad bots. It is not as well-known as most of its competitors, largely because it sells mostly through channels and partners. The largest of these is Cisco, which uses its technology extensively in its own security implementations. Check Point is also a significant technology partner.
Bad bots cause a number of problems, explained Hoffman. “They mean that many businesses have to over-provision their network and compute resources to run their websites. They also skew web statistics, and in our data driven digital economy this bad data can pervert decision making.
“Bad bots are interacting with intention. They exploit an organisation’s applications, stealing company information like pricing and inventory levels, or messing around with the eCommerce system to attempt credit card fraud.
“As these attacks become more sophisticated, so do their impacts on the business. They are damaging core business functions such as marketing, sales, supply chains, decision-making and more.”
Radware was founded in Israel in 1997, and has over 1000 employees and annual revenues of US$250 million. Dan McLean, Radware’s ANZ Managing Director, says the company has 14 employees in Australia, where it has operated for over 20 years.
“We've invested strongly into channels in Australia, and we are putting on more sales and technical people as we want build our local presence. We interact with some of our end users directly, but in Australia and large majority of our business is through our reseller channel.”
Most of Radware’s product suite helps its customers build integrated cloud and on premise cyber security solutions. “That’s our differentiator,” says McLean. “We’ve done a lot of work to integrate cloud and on premise security products into a single codebase, with a single server single solution right across the data centre and the cloud.
“As more organisations embark on the digital transformation journey, they are moving more applications into they cloud and running applications from multiple locations. In the current climate that process is accelerating.
“Having the ability to unify and integrate security solutions that are common across the data centre and across the cloud, integrating the physical and the virtual, is really important for many customers as they move from running their own assets in their own data centres.”