APTs often arrive as a zero-day threat, with no warning. When they strike, they strike; the damage is done.
As one hole is closed, a cadre of hackers invents a new means of opening and exploiting other holes. Increasingly, hackers are doing their dirty work through automated bots.
Bots are typically zombie computers that have been infected with malware that forces them to do whatever a cyber criminal wants them to do.
For example, one security firm discovered GiftGhostBot, an automated attack that travels all day and all night on the networks of retail firms, robbing consumers of gift cards loaded with credit. GiftGhostBot can strike any website, from a luxury catalog to a coffee purveyor.
This is a prime example of the new cyber security threat gig in town. Automated threats are striking, stealing data and doing damage faster than organizations can respond.
So, what's an IT security manager to do?
IT leaders are accustomed to manual incident response (IR). A human being disarms the attack, implements damage control processes, and gets things back to normal. This is a cumbersome practice when bots attack.
Manual intervention is no match for the automated threat. After all, IT teams can barely keep up with the everyday workload in a go-go IT world where technology and security requirements are rapidly changing.
If you can't beat 'em, join 'em. That seems to be the next step in combatting automated bots. Strike back with automated IR. Robotic process automation makes it possible for firms to launch automated scripts, or bots in reverse, to respond to security incidents as a human being would.
Automation accelerates IR and provides the scalability to keep up with growing volumes of bot attacks.
Automated IR tools take over routine, labor-intensive tasks, making it more feasible to combat the risk posed by automated bots.
Automated threat detection uses artificial intelligence (AI) and machine learning to solve more complex problems.
Rather than relying on threat “signatures,” these cognitive automation tools analyze data in real time to spot suspicious behavior. While it’s not possible to fully automate this process, cognitive tools provide valuable decision support that helps humans respond quickly to security events.
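The behavior-based triage described above, as an added example that is not from the original article or from any vendor's tool: it scores clients by what they do rather than by a signature, contains the clear-cut case automatically and hands the ambiguous one to an analyst. The endpoint path, the thresholds and the log events are constructed assumptions.

```python
from collections import defaultdict

WINDOW = 60                      # seconds per analysis window (assumed)
PATH = "/giftcard/balance"       # hypothetical endpoint, not from the article


def build_events():
    """Constructed sample events: (epoch_seconds, client_ip, path, http_status)."""
    events = []
    # Client A: 120 lookups in one minute, nearly all failing.
    for i in range(120):
        status = 200 if i % 40 == 0 else 404
        events.append((1000 + i * 0.5, "203.0.113.7", PATH, status))
    # Client B: 12 lookups in one minute, half failing (ambiguous).
    for i in range(12):
        events.append((1000 + i * 5, "198.51.100.4", PATH, 404 if i % 2 else 200))
    # Client C: two successful lookups (ordinary customer).
    events += [(1005, "192.0.2.10", PATH, 200), (1030, "192.0.2.10", PATH, 200)]
    return events


def triage(events, window_start):
    """Return {client_ip: 'contain' | 'escalate' | 'allow'} for one window."""
    stats = defaultdict(lambda: [0, 0])          # ip -> [requests, failures]
    for ts, ip, path, status in events:
        if path == PATH and window_start <= ts < window_start + WINDOW:
            stats[ip][0] += 1
            stats[ip][1] += int(status != 200)
    decisions = {}
    for ip, (total, failed) in stats.items():
        fail_ratio = failed / total
        if total >= 60 and fail_ratio >= 0.8:
            decisions[ip] = "contain"            # automated response, no human needed
        elif total >= 10 and fail_ratio >= 0.4:
            decisions[ip] = "escalate"           # decision support: analyst reviews
        else:
            decisions[ip] = "allow"
    return decisions


if __name__ == "__main__":
    for ip, action in sorted(triage(build_events(), 1000).items()):
        print(ip, action)
```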
According to Symantec's security threat report, there was a 125 percent increase in zero-day attacks in 2016. Nearly 75 percent of websites still have unaddressed vulnerabilities. With the advent of bots, this risk is greatly increased.
The best defense is a good offense. A wise preemptive strategy is to seek help in implementing automated IR and threat detection to match the risk of automated attack.