Blog, Events & News
Part Three: How Are Bots Affecting Your Industry?
By Sabrina / 02nd Sep 2020
We recently carried out a survey of 200 UK enterprises across e-Commerce, financial services, entertainment and travel. In part two of our blog series, we discussed the current state of bot attacks. As we continue our blog series, we investigate how bots are affecting different industries.
We surveyed enterprises in the industries we saw as the most at risk. While there are common factors across these industries, the experience of bot attacks is not universal, especially when it comes to the consequences.
In blogs one and two we discovered that while enterprises have a high-level understanding of the challenge bots pose to their business, they lack understanding and visibility of the increasingly sophisticated automated bot threat.
As we explore the impact of bots on enterprise organisations further, we want to establish the cost of bad bots. We asked businesses: If they were to suffer a bot attack on their website, what impact would this have?
What are bad bots costing your industry?
76% of businesses believe a bot attack would lead to a loss of customers, and 74% believe it would lead to major reputational damage.
We can break this down by industry. Entertainment and financial services connect a bot attack to a loss of customers most strongly. Both industries are in very competitive markets. Financial services providers are trusted with their customers’ livelihood and if they are compromised, it could have severe consequences for their customers. Within entertainment, the problem is the number of rivals offering similar services.
Travel providers are most concerned about reputational damage. With several travel providers suffering from well-publicised data breaches, this is an industry that is very cautious about the impact of bot attacks.
In May 2020, easyJet announced that the personal information of nine million customers may have been exposed in a cyber-attack, including over 2,200 credit card records. The hacker gained access to financial information, email addresses and travel details. Customers, especially in the travel industry, are more vulnerable to credential stuffing attacks following a data breach and should practice good password hygiene as a precaution.
E-commerce firms are most concerned about the quality of their analytics. As bots attack a website, it’s ever more difficult to tell what has been browsed by a real person and what has been by an automated bot. For e-commerce websites, this reduces the quality of analytics used to advise business decisions.
Each industry understands the threats they face in theory, but they don’t seem to understand the reality.
75% of businesses have been attacked by bots in the last two years
Around a quarter of businesses reported that they haven’t been attacked by a bot in the last two years, which is very unlikely.
Within the industries surveyed, almost every financial services provider and travel provider reports that bots have attacked them at some point. But over half of entertainment businesses say they have not been attacked.
This difference is likely down to a lack of visibility rather than a true reflection of the facts. Many businesses with a partial or full bot management solution in place, are reliant on client-side bot detection technology. This is limiting and does not give the organisation the comprehensive and accurate visibility of traffic to their online estate – websites, mobile apps and APIs – of which a server-side solution is capable.
We believe that there is a great deal of overconfidence when it comes to bot mitigation and we will investigate this in more detail in the fourth and final blog in our series.