Knock Out Cybercrime with Bot Mitigation and Identity Security
Stopping cyberattacks is a top priority for digital businesses. There are more than 24 billion stolen credentials available for sale on the dark web, and stolen credentials gave attackers unauthorized access in over 50% of the 20,000 security incidents analyzed in the 2022 Verizon Data Breach Investigations Report (DBIR). Website owners feel the pain when their sites sustain credential stuffing, carding and account takeover (ATO) attacks as criminals attempt to validate and use the stolen information.
Bots are the heavyweights of automated cyberattacks. Credentials stolen during data breaches are sold over and over on the dark web, and fraudsters use automated bots to attempt logins with the stolen usernames and passwords they purchased. Once they get into an account, they can make fraudulent purchases, create fake accounts, submit fake credit applications and otherwise impersonate someone’s identity. In addition, compromised accounts can be used to distribute malware, which starts the web attack lifecycle all over again. Fortunately, there are ways that digital businesses can fight back and win against bots.
1. Behavior-based Bot Management
Tools like device fingerprinting, behavioral signals and predictive analysis help determine whether login attempts on a website are initiated by a human or a bot. Modern machine learning can collect and analyze this data quickly enough to make an accurate human-or-bot determination with very few false positives. Frictionless next-generation verification tools are also now available to replace CAPTCHA and reCAPTCHA.
2. Identity Management
The Cybersecurity and Infrastructure Security Agency (CISA) recently stated that cybersecurity should be focused on identity. Cybercriminals leverage stolen credentials to steal identities in ATO attacks, so protecting user identity is another important step in preventing cybercrime. For instance, Okta is a user identity and access management platform that uses adaptive multi-factor authentication (MFA) to confirm a user’s identity.
A Winning Team
PerimeterX and Okta work together to block bots and authenticate users. A sensor, which is easily injected on the client side of a website, collects information about the environment, the device and the interaction taking place. The sensor sends a variety of signals, such as the stack trace, window size, fonts, extensions, battery level and mouse movement, in real time to the platform. All of this data then goes through a detector that decides whether the login attempt is from a bot or a human.
In addition to blocking bots, it’s important to ensure that the human logging in is the true owner of the login credentials. Integrating one of the following login procedures can help authenticate a user:
Social Single Sign-on (SSO)
This lets users log in via their social media or Google accounts, which minimizes friction for the user.
Multi-factor Authentication (MFA)
MFA offers businesses the ability to integrate the following levels of assurance into their login procedure:
- Weaker assurance level: Users need to know answers to questions such as their mother’s maiden name or the town in which they were born.
- Middle assurance level: Users need to input codes received via email or a mobile device.
- Strongest assurance level: Users are validated by face recognition or fingerprint.
Next Generation Verification
Authenticator applications are now available that send a push notification to the user's smartphone via the app; unlike text messages, these notifications cannot be intercepted or deflected.
Continuous Authentication and Evaluation
New solutions monitor users throughout their post-login journey, assigning and continually updating risk scores based on the user's profile, statistical comparisons and new behavior. This identifies account abuse and enforces security policies that stop malicious activity.
All of this is backed by behavioral analytics running behind the scenes that help determine how risky a login is. Additional information such as IP address and geographic location is also important in deciding whether a login should be blocked, which requires another level of screening.
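To make the layered decision described above concrete, here is an added example of a toy login risk engine. It is illustrative code written for this page, not PerimeterX or Okta code: it takes the detector's human-or-bot score together with identity signals (IP reputation, device familiarity, an impossible-travel geo check and recent failed attempts), combines them into a single risk score and maps that score to allow, step-up MFA or block. The weights, thresholds, the IP blocklist, the `LoginEvent`/`UserProfile` fields and the sample events are all constructed for the example; a real deployment would tune them against its own traffic.

```python
from dataclasses import dataclass, field
from math import radians, sin, cos, asin, sqrt
from typing import Optional


@dataclass
class LoginEvent:
    """One login attempt as the risk engine sees it (constructed schema)."""
    user: str
    ts: float                       # epoch seconds
    ip: str
    lat: float
    lon: float
    device_id: str                  # device fingerprint id from the client-side sensor
    bot_score: float                # detector verdict: 0.0 = human, 1.0 = bot
    failed_attempts_last_hour: int  # velocity signal from the auth logs


@dataclass
class UserProfile:
    """What the platform remembers about a user between logins (constructed schema)."""
    known_devices: set = field(default_factory=set)
    last_ts: Optional[float] = None
    last_lat: Optional[float] = None
    last_lon: Optional[float] = None


# Constructed IP blocklist (TEST-NET-3 documentation address, not a real threat feed).
BAD_IPS = {"203.0.113.7"}

# Constructed weights and thresholds; tune against real traffic before use.
WEIGHTS = {"bot": 60, "bad_ip": 25, "new_device": 20, "impossible_travel": 30, "per_failure": 5}
STEP_UP_THRESHOLD = 25.0
BLOCK_THRESHOLD = 70.0
MAX_PLAUSIBLE_KMH = 900.0  # faster than this between two logins is not physically plausible


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two (lat, lon) points given in degrees."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi = radians(lat2 - lat1)
    dlmb = radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def impossible_travel(profile, ev):
    """True when reaching this login's location from the last seen one would exceed MAX_PLAUSIBLE_KMH."""
    if profile.last_ts is None:
        return False  # no history yet, nothing to compare against
    hours = max((ev.ts - profile.last_ts) / 3600.0, 1e-6)
    dist = haversine_km(profile.last_lat, profile.last_lon, ev.lat, ev.lon)
    return dist / hours > MAX_PLAUSIBLE_KMH


def risk_score(profile, ev):
    """Combine bot and identity signals into a 0..100 score (higher = riskier)."""
    score = WEIGHTS["bot"] * ev.bot_score
    if ev.ip in BAD_IPS:
        score += WEIGHTS["bad_ip"]
    if ev.device_id not in profile.known_devices:
        score += WEIGHTS["new_device"]
    if impossible_travel(profile, ev):
        score += WEIGHTS["impossible_travel"]
    score += WEIGHTS["per_failure"] * min(ev.failed_attempts_last_hour, 10)
    return round(min(score, 100.0), 1)


def decide(score):
    """Map a risk score to the policy action: allow, step-up MFA, or block."""
    if score >= BLOCK_THRESHOLD:
        return "block"
    if score >= STEP_UP_THRESHOLD:
        return "step_up_mfa"
    return "allow"


def evaluate(profile, ev):
    """Score one login attempt and return (score, decision)."""
    score = risk_score(profile, ev)
    return score, decide(score)


def record_success(profile, ev):
    """Update the profile after a login the user completed (including after passing step-up MFA)."""
    profile.known_devices.add(ev.device_id)
    profile.last_ts, profile.last_lat, profile.last_lon = ev.ts, ev.lat, ev.lon


# Constructed sample data: Alice normally logs in from New York on device dev-A.
ALICE = UserProfile(known_devices={"dev-A"}, last_ts=1_700_000_000, last_lat=40.71, last_lon=-74.01)
SAMPLE_EVENTS = [
    # 30 minutes later, same device and city, detector says human: routine login
    LoginEvent("alice", 1_700_001_800, "198.51.100.4", 40.71, -74.01, "dev-A", 0.05, 0),
    # same city but a never-seen device and one failed attempt: ask for a second factor
    LoginEvent("alice", 1_700_001_800, "198.51.100.4", 40.72, -74.00, "dev-B", 0.10, 1),
    # bot-like client, listed IP, new device, "in London" 30 minutes after New York, 40 failures
    LoginEvent("alice", 1_700_001_800, "203.0.113.7", 51.51, -0.13, "dev-Z", 0.95, 40),
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev.device_id, *evaluate(ALICE, ev))
```

The decision tiers are what make this a layered model: a clean detector verdict alone lets the routine login through, an unfamiliar device on its own only escalates to step-up MFA rather than blocking a legitimate user on a new phone, and the credential-stuffing attempt is stopped by the combination of signals even though no single one would have to be decisive.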
When it comes to cybersecurity, businesses using a layered defense model are the clear champions no matter what cyberthreat they’re matched against. This includes bot mitigation, continuous authentication and identity management technologies. For more information on how PerimeterX and Okta work together to stop account takeover attacks, check out the full e-book here.