Cyber-criminals are increasingly making use of automation and bots to launch attacks, according to a new analysis by Barracuda Networks.
In its new report, Threat Spotlight: Automated attacks on web applications, the cybersecurity firm revealed that over half (54%) of all cyber-attacks it blocked in November and December were web application attacks which involved the use of automated tools.
The most prevalent form was fuzzing attacks, making up around one in five (19.5%). This uses automation to detect and exploit the points at which applications break. This was followed by injection attacks (12%), in which cyber-criminals make use of automation tools such as sqlmap to gain access to applications.
Fake bots also represented 12% of the total number of attacks blocked by Barracuda. These are automated attacks that pretend to be a Google bot or similar. Making up the top five web application attacks were application DDoS (9%) and bots blocked by site admins (2%).
While bot traffic is growing, the researchers noted that more traditional web app attacks, such as injection attacks and cross site scripting (1%), remained prevalent.
Tushar Richabadas, senior product marketing manager at Barracuda Networks, commented: “Automated attacks can overwhelm or infiltrate web applications, and defending against all the varieties of automated attacks can be daunting.
“The good news is that multi-purpose solutions are consolidating into Web Application Firewall and WAF-as-a-Service solutions, also known as Web Application and API Protection services (WAAP). Thus, organizations looking to bolster their defenses against this growing threat should look for a WAAP solution that includes bot mitigation, DDoS protection, API security and credential stuffing protection, as a minimum, and also make sure it is properly configured.
“It is also important to stay informed about current threats and how they are evolving, so that your business can be defended against them. Over the coming year, we can expect automated bot attacks, attacks against APIs and attacks against software supply chains to develop in quantity and sophistication, especially as these newer attacks have fewer protections and defenses blocking them.”