According to analysis from LexisNexis, human-based digital fraud attacks are increasing more quickly than bot-based attacks — a difference CISOs should leverage for their defenses.

Differentiating between manual and bot attacks, and homing in on human ones in particular, can give security professionals a leg up on combatting fraud attempts against corporate systems.

According to a report released Thursday by LexisNexis Risk Solutions, last year automated attacks (aka bots) did not see nearly the same increase (2%) as manual/human attacks, which soared by 19%. The report’s insights on digital fraud attacks were based on an analysis of 92 billion transactions.

A cybercrime specialist not affiliated with the report said that the human versus bot attacks figure reported by LexisNexis was not surprising, but it does suggest an important tactic for CISOs to consider, given the rise in manual attacks revealed by the study.

Automated bot attacks are far more efficient than human ones, said Matt Harrigan, a VP at Leviathan Security. “You don’t need to increase the quantity of bots at nearly the same rate that you would need to increase manual attacks,” Harrigan said, of the differing methods attackers use to compromise systems.

But these days, Harrigan said, attackers are overwhelmingly using manual attacks and automated attacks for very different purposes. Manual attacks are typically used for trying out new attack vectors. If those attack methods succeed, they become a zero-day that will be visiting CISOs in a few days. Bots are then used to launch that new attack in massive volumes.

That means CISOs should make sure their systems are trying to differentiate between automated and manual attacks, and then examine the manual attacks very carefully, Harrigan said.
CISOs should “spend extra time” examining the manual attack attempts, he said, as doing so may give the security operations center a sneak preview of a zero-day, thereby giving them the ability to tweak defenses to try to thwart an imminent attack conducted potentially at scale by follow-on bots.

“Every time [an attacker] knocks off a piece of armor, somebody figures out how to make a better piece of armor,” Harrigan said. “It’s always a cat and mouse game.”

The LexisNexis Risk Solutions report — available here — also identified the 2023 geographies most likely to have launched attacks as “parts of Southeast Asia [that] are established homes for dedicated remote scam centers. Cybercriminals favor border areas in Cambodia, Myanmar, and remote parts of Thailand.”

Addressing fraud and scams, rather than cybercrime in general, the report noted several trends over the past few years.

“In APAC, third-party account takeover has become even more dominant than in 2022, driven by a relentless scam pandemic across the region which for now is primarily fueling subsequent unauthorized fraud attempts, in contrast with the authorized transfer scams seen in EMEA,” LexisNexis researchers wrote. “Bonus abuse worsened in both EMEA and LATAM, linked to both gaming and gambling and ecommerce. North America saw significant YOY percentage growth of true identity theft in 2023, offsetting a decline in third-party chargeback fraud as a percentage of all classifications.”

The report also noted an ongoing security weakness with mobile devices, which suffered the greatest attack rate growth, prompting LexisNexis Risk Solutions to label the mobile channel “the least secure.”

“The lightweight nature of mobile browsers limits the availability of digital intelligence and risk signals, a boon to attackers relying on ambiguity,” according to the report’s researchers.
“The preponderance of mobile app transactions makes that channel’s comparatively muted attack rate growth more concerning for organizations meeting consumer demand for mobile experiences overall.”