Latest news with #Imperva
Straits Times
04-05-2025
- Business
- Straits Times
Malicious bots behind nearly half of web traffic in S'pore: Study
Politically-motivated activities have also risen, with these bots setting up social media accounts to proliferate politically-charged messages. PHOTO ILLUSTRATION: PEXELS Malicious bots behind nearly half of web traffic in S'pore: Study SINGAPORE – Malicious bots aided by artificial intelligence (AI) tools now generate 45 per cent of all internet traffic in Singapore, a sharp rise from 35 per cent a year ago, according to a new study. The 2025 Imperva Bad Bot Report, which compared bot traffic between 2023 and 2024, found bad bots to be most prevalent in the gambling, gaming, automotive and travel sectors here. The 12th edition of the report drew from data collected from across the Imperva global network in 2024, including the blocking of 13 trillion bad bot requests across thousands of domains and industries. Singapore ranked fourth among places in the Asia-Pacific that were most targeted by bad bots in 2024, after Hong Kong, Indonesia and Australia, according to the 12th annual study released in late April by United States-based cyber-security firm Imperva. Globally, automated bot traffic surpassed the human-generated type for the first time in a decade, constituting 51 per cent of all web traffic in 2024, according to the study. Of the total bot traffic, 37 per cent were found to be malicious activities, including data scraping, payment fraud, account takeovers, credentials theft and distributed denial of service (DDoS). DDoS attackers make websites unavailable to legitimate users by flooding the sites with queries. With the help of AI, bad bots can mimic human behaviour – including mouse movements and clicks – making them difficult to detect and block, said the report. 'The surge in AI-driven bot creation has serious implications for businesses worldwide,' said Mr Tim Chang, general manager of application security at Thales, which owns Imperva. The emergence of advanced AI tools – including ChatGPT, ByteSpider Bot, ClaudeBot, Google Gemini, Perplexity AI and Cohere AI – has transformed the methods by which attackers execute cyber threats. For instance, bad bots automatically crack outdated mobile applications that do not enforce mandatory updates, write codes to increase attack volumes and collect large quantities of sensitive data . In 2024, Imperva blocked an average of two million AI-powered cyber attacks daily . ByteSpider Bot alone accounted for more than half of all AI-enabled attacks globally. Other significant contributors include AppleBot, ClaudeBot and ChatGPT User Bot. Over the last few months, politically-motivated activities have risen, with these bots setting up social media accounts to proliferate politically-charged messages in the midst of the hustings as Singaporeans prepare to go to the polls on May 3, Appdome, another cyber-security firm, found. Such traffic typically comes in the form of social media post hijacking, where bots produce inflammatory or empathetic messages to rouse viewers to engage with the content, said Mr Jan Sysmans, Appdome's mobile app defence evangelist based in Singapore. 'The people behind these bots are trying to propagate their own agenda and create tension to spark a flame,' he added. 'There isn't a standard way these bots approach (hijacking). It just encourages users to engage in the content, which influences their algorithm. Subsequently, users will get fed more of such inflammatory or empathetic content, creating an echo chamber effect.' Globally, the travel sector is the most targeted, accounting for over a quarter of all bot attacks. It is trailed by the retail, education and financial services sector, according to the Imperva study. Notably, travel websites face an increase in simple bot attacks, possibly launched by less sophisticated criminals using AI tools . These attacks include 'seat spinning', where bots simulate the booking process of flight tickets up to the payment step, without completing the purchase. This hogs tickets and denies potential customers access to them, disrupting airline businesses and jeopardising their reputation. AI tools flooding travel websites with traffic may also inflate the demand and costs of tickets. Online retailers faced threats including scalping, credential stuffing, gift card fraud and DDoS – all year round in 2024 as opposed to just during festive seasons in 2023. Scalping involves buying many of the same items such as limited edition goods or concert tickets at the usual price and reselling them at higher prices. Credential stuffing involves taking over someone's online account using stolen usernames and passwords. Financial services, telecom, healthcare and retail are the most targeted industries for bot attacks on application programming interfaces (APIs). These sectors depend on APIs for critical operations and sensitive transactions, making them prime targets for such sophisticated bot attacks. APIs act like a bridge between applications, allowing them to share data. For instance, an e-commerce platform that accepts credit card payments or bank transfers is linked via APIs to the payment-service firm or the bank. Bots typically steal customer information or competitive intelligence, abuse promotional mechanisms and exploit vulnerabilities in check-out systems for fraud, according to the study. 'Businesses need to take steps to protect themselves from bots and online fraud,' Imperva said, urging businesses to implement multifactor authentication measures and real-time bot detection to protect customers. On how internet users should protect themselves from falling prey to the effects of bad bots, Mr Sysmans said: 'It is going to be very hard, with how advanced AI and technology is now. But one must always be vigilant and ask, 'Is this too good to be true?'' Join ST's WhatsApp Channel and get the latest news and must-reads.
Yahoo
15-04-2025
- Business
- Yahoo
Bots now make up the majority of all internet traffic
More than half of all internet traffic is now made up of bots, according to a new report. Analysis by cyber security firm Imperva revealed that automated and AI-powered bots accounted for 51 per cent of all web traffic in 2024, with so-called 'bad bots' at their highest level since the firm started tracking them in 2013. The researchers noted that the emergence of advanced artificial intelligence tools like OpenAI's ChatGPT and Google's Gemini have led to new cyber threats for web users. 'The surge in AI-driven bot creation has serious implications for businesses worldwide,' said Tim Chang, general manager of application security at Thales Cybersecurity Products. 'As automated traffic accounts for more than half of all web activity, organisations face heightened risks from bad bots, which are becoming more prolific every day.' These AI tools can be used to carry out spamming campaigns or even distributed denial-of-service (DDoS) attacks that knock sites offline by overwhelming them with fake traffic. The industries most at risk, according to the 2025 Imperva Bad Bot Report are financial services, healthcare and e-commerce. The report tracked an average of 2 million AI-enabled attacks each day last year, with the Bytespider web crawler tool making up 54 per cent of them. Developed by TikTok owner ByteDance, the ByteSpider bot's dominance was attributed to its widespread recognition as a legitimate tool, which the researchers said made it an 'idea candidate for spoofing'. 'The rise in the number of accessible AI tools has significantly lowered the barrier for entry for cyber attackers enabling them to create and deploy malicious bots at scale,' the report stated. 'With generative AI simplifying bot development, automated threats are evolving rapidly – becoming more sophisticated, evasive, and widespread, fueling the growth of both simple and advanced bad bots. 'Attackers now use AI not only to generate bots but also to analyse failed attempts and refine their techniques to bypass detection with greater efficiency.'
Channel Post MEA
26-02-2025
- Business
- Channel Post MEA
Thales Accelerates Partner Success by Unifying Thales and Imperva Partner Programs
Sebastien Pavie, VP Sales EMEA, Cybersecurity and Digital Identity at Thales, emphasizes that the new 'Accelerate' Partner Network unifies Thales and Imperva programs, enabling cross-selling, simplified training, enhanced partner support, streamlined discount structures, and consolidated resources to drive partner success. How would you describe the new unified 'Accelerate' Partner Network program? The new 'Accelerate' Partner Network unifies the best aspects of the Thales and Imperva partner programs, streamlining benefits, discounts, go-to-market support, and tiering. This integration simplifies the process for partners, making it easier to sell and implement both portfolios while maximizing opportunities for growth and success. What improvements have been made to streamline partner support, and how will these changes reduce the time and effort required for partners to get assistance with sales, technical issues, or other challenges? Are there dedicated partner managers or online support portals? Thales has streamlined partner support by consolidating tools and resources into a unified partner portal, providing easy access to sales and marketing materials, technical documentation, and simplified training. This integration reduces the time and effort required for partners to get the assistance they need. Additionally, with a larger, combined support team, partners now benefit from more dedicated partner managers and expanded partner support staff, ensuring faster response times and enhanced guidance for sales, technical issues, and other challenges. How does the 'Accelerate' program's incentive structure compare to previous programs, and what specific changes have been made to improve partner profitability and margins? Are there performance-based bonuses, rebates, or other incentives tied to specific product lines or deal sizes? The 'Accelerate' program introduces a harmonized discount structure for hardware, software, and cloud services, ensuring predictable margins for partners by basing discounts on the Net Customer Discounted Price. To improve profitability, the program offers incremental discounts for partners who create and register deals, rewarding them for driving the sales process. Additionally, rebates are available for deals with new logos, providing further incentives for business growth. Beyond financial rewards, the program offers exclusive recognition and differentiation opportunities. Partners participating in both Thales and Imperva programs are matched to the highest partner level, ensuring they receive the best possible benefits. Furthermore, partners can achieve new Partner Specialties that highlight their expertise in professional services, technical support, sales leadership, co-selling, and more, allowing them to stand out in the market based on their strengths and focus areas. How does the program address potential channel conflict between existing Thales and Imperva partners, and what measures are in place to ensure fair and equitable distribution of opportunities? The 'Accelerate' program minimizes channel conflict by ensuring a fair and transparent opportunity distribution among partners. With 85% of business flowing through the channel and less than 10% overlap between existing Thales and Imperva partners, the risk of direct competition is significantly reduced. To further protect partners, the program offers Protected Deal Registration Discounts, rewarding those who create and register new pipeline opportunities. This approach ensures that partners receive proper recognition and support for their efforts, fostering a collaborative and equitable channel ecosystem. How does the unification of Thales and Imperva solutions within the 'Accelerate' program create a more compelling offering for partners and their customers, and what specific cross-selling opportunities does this unlock? The unification of Thales and Imperva solutions within the 'Accelerate' program creates a more compelling offering for partners and their customers by combining award-winning platforms for application security, data security, and identity & access management into a single, cohesive solution. This integration enables partners to present a more comprehensive narrative, particularly in the area of data security, where they can now provide capabilities such as discovery, control, protection, analysis, and visualization. Additionally, the program enhances flexibility and simplicity for partners by allowing them to engage with Thales and Imperva in a manner that suits their preferences. Partners can choose to sell any product within the unified portfolio while benefiting from a consistent discount structure and uniform training requirements, which opens up significant cross-selling opportunities and streamlines their partnership experience. Can you elaborate on the specific new training modules or certifications available and how they will equip partners to sell and implement the combined Thales and Imperva portfolio effectively? Are there specialized tracks for different partner tiers or specializations? Thales offers free, role-based training for pre-sales teams, ensuring that all partners follow a structured learning path regardless of the portfolio they sell. This approach provides partners with the necessary knowledge and skills to be successful in their roles. All partners begin with the Thales Portfolio Overview, followed by 12 specialized product training paths tailored for sales and sales engineers. Sales engineers can further enhance their expertise by completing an optional technical certification, which qualifies them for Drive Sales Discounts. For partners specializing in Professional Services and Technical Support, paid post-sales training and certifications are available, equipping them with the advanced technical skills needed to implement and support Thales and Imperva solutions effectively. What key benefits can new channel partners expect when they join the program? New channel partners joining the program can expect flexibility, allowing them to choose their focus—whether creating demand, driving sales, or delivering services—while selecting the products they want to invest in. They also benefit from predictable margins, with tiered discounts based on deal engagement, deal registration protection, and renewal incumbency, which is particularly valuable in the Middle East's tender-driven market. Free training and certifications for sales and pre-sales teams help partners build expertise, while sales resources, including deal support from Thales teams and access to sales collateral, enhance business opportunities. Additionally, partners gain access to marketing funds and campaign assets through the Partner Portal, further supporting their growth and success. Are there any specific programs or incentives designed to help new partners join the Thales and Imperva portfolio and quickly become successful? Thales and Imperva offer several programs and incentives to help new partners quickly integrate into their portfolio and achieve success. One of the key initiatives includes free on-demand training and certifications for both sales professionals and sales engineers, ensuring that partners gain the necessary expertise to effectively promote and implement Thales and Imperva solutions. Additionally, the deal registration program provides partners with direct support from Thales sales teams and engineers, enhancing their ability to secure and close deals successfully. To further empower partners, Thales and Imperva also provide sales playbooks and valuable resources designed to help identify new business opportunities and drive growth. These initiatives collectively enable partners to accelerate their success and establish a strong foothold in the cybersecurity market. What is the typical timeframe for the onboarding process, from initial application to becoming an active partner? The onboarding process for resellers is fast, typically allowing them to go from application to transacting or submitting deal registrations within just one day, ensuring quick access to Thales and Imperva solutions. What are the key performance indicators (KPIs) will Thales use to measure the success of the 'Accelerate' program, and how will partner performance be evaluated within the program framework? Thales measures the success of the 'Accelerate' program through new and renewal revenue and the number of partner individuals who complete training and accreditation. Partner performance is evaluated through an annual review at the end of the fiscal year, with the possibility of mid-year promotion if resellers meet the criteria for a higher tier. Given the growing demand for professional services in the Middle East, partners in the region have a significant opportunity to expand their offerings and enhance their business potential within the program framework. 0 0
