Facing daily attacks of growing sophistication, a major airline turned to PerimeterX to block account takeovers, and price and inventory scraping, reducing mitigation costs, impact to brand value, customer compensation and lost employee hours.
This top ten airline in the United States serves over one hundred destinations and employs over 20,000 people. The majority of its business comes through online transactions via the company website and its mobile applications. The airline receives over 6 million website visits per month, servicing millions of travelers, agencies and corporate customers each year.
As the volume and sophistication of web-based bot attacks have skyrocketed over the past five years, like its competitors, this airline was barraged by bot attacks.
During peak attack periods, the ratio of bad traffic to good traffic could be as high as 20 to 1. The bot operators were damaging the company’s business in multiple ways. Bots checking price information and seat inventory would book seats that never sold, negatively impacting the airline’s look-to-book ratio and frustrating real customers who were trying to buy seats. More concerning, bot operators were executing account takeover attacks with the potential to hijack customer accounts and steal credit card information as well as mileage and loyalty points to be sold on the Dark Web. These attacks were costing the airline time and resources, and had the potential of causing significant brand damage as well as customer compensation for theft. Lastly, huge volumes of malicious bot traffic was distorting key analytics data and business metrics (such as look-to-book). This was impeding the airline’s ability to effectively price, market and analyze its ongoing online business.
Over 25 percent of traffic to company properties was coming from malicious bot networks and bot-driven attacks.
Bot Defender incorporates over 100 different data inputs including device Bot Defender incorporates over 100 different data inputs including device and agent type, network and cloud hosting information and even on-page user behaviors to determine which visitors are humans and which are malicious bots. The PerimeterX team worked closely to get the airline up and running quickly. The airline’s team found that Bot Defender dropped in smoothly and required minimal integration and configuration changes. They loved the responsiveness of the PerimeterX team, including direct Slack channel access to their PerimeterX peers.
After the airline installed Bot Defender, a botnet operator targeted the company with a massively distributed account takeover attack. Volume of website login traffic increased 30-fold, to over 5 million requests per day, hammering the airline’s log-in with endless combinations of user names and passwords. The attacker spoofed thousands of user agents and distributed the attack across tens of thousands of physical and virtual machines, utilizing over 100,000 IP addresses. In short, the attacker used the most modern and sophisticated techniques to mask the nature of the bot requests and mimic real user behaviors. The airline’s cybersecurity team had never seen some of the techniques deployed and said that in the past they would have spent weeks or months digging out manually from the attack. This time was different. This attacker spent a lot of money and resources, but the airline’s information security and eCommerce teams barely noticed the attack. Bot Defender proved to be a reliable prevention solution, and importantly demonstrated tangible real business value, saving the airline significant time and money while proactively protecting its brand.
PerimeterX Bot Defender provided unique preventive capabilities to help the airline identify and stop entirely new types of attacks.
Using machine learning and behavior-based analytics, PerimeterX solutions detect and block automated bot attacks and client-side threats with unparalleled accuracy. Your online business is protected while preserving user experience and page response times.
PerimeterX is cloud-based and platform-agnostic. Using machine learning, we constantly update our library of attack patterns based on interactions with applications, fingerprints from devices and network characteristics to protect against the next new threat.
To keep watch over your web and mobile applications and APIs, PerimeterX functions as an extension of your team and provides responsive, best-in-class service and around-the-clock security analyst oversight.