About 90 per cent of credential abuse attacks are delivered from within Australia through local ISP networks, according to a report.
In its study, Bots Down Under – An Australian Market Threat Report, web security company Kasada analysed two specific actionable issues for businesses.
The company examined how credential abuse attacks were delivered to companies through customer data, as well as bot visibility and whether Australia’s top websites can differentiate between browsers (real humans) and bots.
The study found a growing number of internationally-based cybercriminals are routing attacks through homegrown networks, debunking the ‘Island Australia’ theory that geo-blocking guards against attacks.
It showed about 90 per cent of the country’s top websites were unable to differentiate a customer from a bot on login pages, which leaves bots free to attack, consume bandwidth, spike server costs and slow page loading.
Kasada CEO Sam Crowther said attacks, particularly credential abuse, have the capacity to compromise everything from a customer’s personal information to business, and even national security.
“As many aspects of our lives are global – and much of our information now lives online – this shift places tremendous emphasis on businesses to protect and defend against potential threats,” he said.
“The economic impact of bot attacks on businesses is well documented – a cost equating to an average of $2 million across time, compensation and customer churn.”
According to Kasada in 2018, credential abuse attacks represented the third-largest source of reported data breaches.
This has implications for a company’s reputation, and affects customers and business operations long after the attack has taken place, said Crowther.