Last year saw an unprecedented scale of cyber-attacks and data breaches facilitated and accelerated by Covid-19, from scalper bots targeting the PS5 launch to Twitter’s high-profile hack in July. Cybercriminals are upping the ante to capitalise on increased online activity, and automated technology is set to play a huge part in the defence against bot attacks in 2021.

Over recent years, botnet attacks have hit platforms hard with their mass destruction approach to cyber-attacks. However, the tide has turned, and automated bot technology now makes targeted attacks infinitely quicker and simpler to carry out, exposing online gaming and streaming businesses to greater threats. The challenge lies in accurately identifying these highly targeted automated bot attacks that are designed to hide in plain sight, masquerading as genuine users, before they can carry out malicious activity such as credential stuffing, fake account creation and scraping.

FinTechs have emerged as the digital-first answer to transforming the banking industry. Legislation such as the EU’s PSD2 and the UK’s Open Banking have cemented their place in the financial services environment, while removing much of the red tape that surrounds financial services to encourage collaboration and ensure security by design. Much of this collaboration is facilitated by open APIs, but what do we know about the API layer and security vulnerabilities that threaten your FinTech when it is exposed?

At Netacea, we wanted to know just how aware businesses are of bots and if they fully understand the threat to their organisation. Which roles are responsible, how confident are they in their bot mitigation strategies, and how well-placed is this confidence? We surveyed 200 enterprise businesses across travel, entertainment (including online gaming and streaming), e-commerce and financial services to get a broad picture of how bots are understood and protected against.

In 2020 the poor security of other businesses is now very much, your problem. While you might be protecting your customers’ credentials with the best possible security, lax measures elsewhere mean those very same credentials are readily accessible for purchase. Increasingly sophisticated bots are used to validate the millions of stolen credentials against login forms. And yet, these bots are no longer only targeting high-value goods and accounts but hijacking and selling streaming and food delivery accounts.