SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Businesses face $2.58 million in losses per hour from bots

Fri, 20th Dec 2024

Cequence has revealed new insights from its CQ Prime threat research team indicating that businesses could face average potential losses of USD $2.58 million per hour throughout December due to malicious bot traffic and fraud attempts.

The report, based on data from Cequence's Unified API Protection (UAP) platform, highlights how cybercriminals exploit the increasing attack surfaces during peak shopping periods such as Black Friday and Cyber Monday.

Findings from the study show a significant rise in e-commerce transactions, which doubled from 5.1 billion in 2023 to 10.4 billion in 2024. Of these transactions, 34.62% were flagged as malicious, reflecting a 138.57% increase from the previous year.

Over an 11-day period from Black Friday to Cyber Monday, the report identifies potential losses from cybercrime amounting to USD $681.12 million, with projections for December 2024 estimating losses averaging USD $2.58 million per hour, totalling USD $1.79 billion.

There was also a marked increase in sophisticated attack techniques, such as credential stuffing, SMS pumping, and token farming, which rose by 700% year-over-year.

Real-world mitigation examples include a major e-commerce company that managed to thwart an SMS pumping attack—costing USD $3,000 every four hours—by blocking fraudulent account creation to prevent further financial losses using Cequence's bot and API protection capabilities.

Cequence also reported handling a 125% surge in traffic on Black Friday, during which it blocked 11.5 million malicious attempts while maintaining seamless customer experiences.

The research underscores the challenge for businesses to defend against high-volume, sophisticated attacks, as highlighted by the 72.6% increase in mitigated malicious traffic from 2023 to 2024.

Randolph Barr, Chief Information Security Officer at Cequence, commented, "Cybercriminals are seizing on the rapid growth of digital commerce, using increasingly sophisticated tactics to target both businesses and consumers. This year's findings are part of a broader trend: as e-commerce continues to evolve, so too does the scale and complexity of cyber threats. These findings highlight the critical need for businesses to adopt robust API and bot management solutions to protect revenue, maintain customer trust, and stay competitive in an increasingly digital world."

The research and recommendations include enhancing incident readiness with regular security drills, mapping the attack surface to eliminate exploitable blind spots, and aligning security measures with business objectives to simultaneously protect and enhance user experiences.

Cequence also advises deploying multi-layered security strategies, monitoring anomalous behaviour, strengthening access controls, investing in real-time threat management, and optimising systems for high-traffic events like Black Friday for improved security during peak periods.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X