Bot Networks Cement Status as Human-Initiated Attack Levels Fall Says LexisNexis Risk Solutions Latest Cybercrime Report
September 2021 by LexisNexis® Risk Solutions
LexisNexis® Risk Solutions released the findings of its latest Cybercrime Report, which covers the first half of 2021. This edition of the biannual report reveals that bot attack volumes grew 41% year-on-year with human-initiated attack levels reducing by 9%. The report confirms earlier trend patterns which show the financial services industry and media businesses continue to bear the brunt of the increase in automated attacks led by bot networks. The Cybercrime Report analyzes transaction data from the LexisNexis® Digital Identity Network®. It tracked 28.7 billion transactions over the six-month period monitored, up 28% year-over-year.
The first half of 2021 saw geopolitical shifts in the volume of attacks observed across the Digital Identity Network. Mexico joins Brazil in the top ten list of largest originators of bot attacks by volume, while North America records higher daily attack rates that now exceed those in EMEA. This latter trend has continued since March 2021 and, if it continues, will mark a sustained change in cybercriminals’ behavior in the U.S. and Canada. In the earlier part of 2021, we saw large spikes in cybercrime attack rates in APAC, although this steadies as the first half of the year closed. With EMEA remaining a relatively secure region for customers, it is Latin America which stands out as it has the highest daily attack rates globally.
These findings may reflect the continued increase in digital payments as consumers’ shift online continues to make its presence felt even as some countries start to look to a world post-pandemic.
Key findings from The LexisNexis® Risk Solutions Cybercrime Report, January to June 2021:
• Increases in bot attacks seen globally – All regions have recorded growth in bot volume January-June 2021 in comparison to the same period last year. This was most marked in APAC and LATAM, with EMEA experiencing the smallest growth.
• Industry innovations changing risk profiles – The online payment market continues to proliferate and diversify. Buy-now-pay-later (BNPL) services and digital wallets are becoming increasingly popular ways to pay. BNPL transactions, in particular, have grown 182% year-over-year. This growth is likely to continue to cater for the growing population of consumers who are transacting more online. However, it also creates new avenues of attack for cybercriminals.
• Financial services institutions deploy new methods to track money mules – Advances in beneficiary intelligence within the Digital Identity Network are making it less complicated for banks and other payment service providers to track payment transfers involved in money mule compromises. This includes when the beneficiary tries to hide their tracks by splitting the initial payment and routing it via other entities in the payments network.
Stephen Topliss, vice president of fraud and identity for LexisNexis Risk Solutions, said, “Today’s report confirms cybercriminals reliance on bot networks to conduct their activities. Volumes of human-initiated attacks are down, as is the overall attack rate for these. Transaction and user growth rates in other industry sectors such as virtual banks and “Buy Now, Pay Later” have exposed emergent risks for these newer businesses. Our transaction volume data illustrates the scale of the problem, year-on-year traditional banks see a 37% growth in transactions whereas for virtual banks that number is 68%.
“The digital businesses that survive and thrive will be those that deploy cybercrime-combatting solutions as they scale. Maintaining the integrity of the customer journey is critical to better modelling and predicting future trust.”