Sam Crowther, Kasada: Online "Bots" At The Center of Disinformation Can Be Stopped
According to CBS: "Moderators of the WallStreetBets online discussion forum, which has been credited with creating a frenzy in the shares of GameStop and others, said bots are responsible for a "large amount" of the stock-recommendation content being posted in its popular Reddit group."
Bots are at the center of the disinformation problem of the modern digital world. Why are they so dangerous?
"Bots are dangerous because they make it easy and economical to spread disinformation quickly and efficiently, manipulating conversations, impacting public opinion - and in this instance affecting the stock market and people’s finances. It is estimated that 97% of all WallStreetBets activity within Reddit groups appeared to be generated by bots."
Why are they so effective?
"All bot operators leverage automation. Automation is cheap and easy to use, generates large amounts of profit and is applied at-scale to make success viable. The same principles apply to the social media disinformation side of things - bots allow bad actors to amplify a message or opinion at scale, sharing a point-of-view that could be incorrect or dangerous, and reaching hundreds of thousands of people immediately."
Are bots relatively cheap?
"Yes, the reason bots are so prevalent is because they are affordable for individual attackers and allow quick and easy usage. For example, you can purchase/rent a proxy network and servers for less than $500 per month."
How come they are so widely used?
"There are a lot of different ways you can apply these cheap and easy to use bots. For example, you can knock a website offline and demand a ransom; you can quickly influence public opinion at scale to forward a political agenda; you can buy inventory to resell on the secondary market for a profit (as evidenced by PS5 during the holidays); you can undercut competitor business models by scraping pricing; or you can commit fraud by making purchases with other people’s credit and gift cards."
What can be done to stop bots?
"While most companies attempt to identify and delete bots after they’ve struck, at that point it’s too late, as the damage is already done. People have been influenced, fraud has been committed, or the nefarious actor has gained access to your system. Companies need to take control and seize bad bots at registration to stop the spreading and scaling of fraudulent information. Most bot mitigation solutions are unable to accomplish this as they need to let requests in and look for suspicious activity before stopping them. By then it’s already too late. A more effective approach is needed."