Automated Threat Mitigation for Public Sector
Stop Bots From Exploiting Applications, APIs, and User Data
Government and public sector institutions, both large and small, struggle to keep pace with hacktivists. Cyber attackers continuously target government web applications and internet infrastructure. They take down a government's web applications, damage critical infrastructure and services. Recent large-scale automated attacks on government-owned internet properties signify the need to adopt advanced technologies including machine learning and artificial intelligence to identify unusual patterns in web traffic. ShieldSquare applies proprietary Intent-based Deep Behavior Analysis (IDBA) that is built upon semi-supervised learning to detect and mitigate “known-unknown” threats.
Impact of Bots on Public Sector
Attackers’ shift from the network layer to the application layer is attributed to sophisticated botnets. Hackers and nation-state attackers deploy large-scale bots on government web applications to perform multi-vector DDoS attacks. The application layer includes many devices within it and an attack on layer 7 results in massive service degradation. Application layer DDoS attacks are often low and slow to go unnoticed until it’s too late.
DDoS attacks that attempt to abuse functionality or exploit algorithmic vulnerabilities require a proactive bot mitigation solution before they damage critical web applications. ShieldSquare builds upon contextual threat intelligence gathered from over 70 countries to prevent multi-vector DDoS attacks.
APIs are used by governments and public sector institutions to deliver data or to integrate with third-party service providers. Open data APIs are used to provide datasets as file and transit information. Bots attempt to abuse the API functionality through constant requests. APIs intended to provide access for public data are vulnerable to automated attacks including DDoS.
It is important to distinguish ‘good’ API calls from ‘bad’ API calls. ShieldSquare analyzes API traffic for behaviors that are anomalous, undesirable, or malicious to uncover exploits and abuses.
Government agencies are prime targets for large-scale automated attacks. Attackers deploy bots to perform credential stuffing attacks and login into citizen portals through stolen credentials. They use AI and human-like bots to mimic human behavior and complete the authentication process. Hackers aim to take over citizen accounts and steal valuable information.
We combine machine learning with device and browser fingerprinting to analyze patterns of bots on web applications across industries. The deep behavioral analytics helps us build a unique database of bot fingerprints. We utilize our bot database to proactively identify sophisticated bots and stop them from taking over citizen accounts.
Unauthorized Content Scraping
Bots are used to scrape valuable information and data on government forums and websites. Nation-state actors or political organizations scrape content to use the intelligence for nefarious purposes. Conventional security measures including authentication, WAFs, and intrusion detection are ineffective to prevent sophisticated scraping attacks that involve human-like bots.
Human-like bots simulate human behavior to scrape sensitive information from citizen engagement platforms and other public forums. Our collective bot intelligence ensures that bad bots are blocked on public sector web applications, mobile apps, and APIs without impacting genuine user experience.
Abuse of Citizen Engagement Platforms
Spambots are used to deluge citizen forums and other government-initiated discussions. These bots post unrelated content and link to malicious websites. They also troll and mislead members of the forum.
ShieldSquare applies a challenge-response authentication mechanism and serves CAPTCHAs to visitors with a higher risk score. Responses to these challenges help us build a closed-loop feedback system and block spambots.
*1 Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
*2 The Forrester New Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester New Wave™ is a graphical representation of Forrester's call on a market. Forrester does not endorse any vendor, product, or service depicted in the Forrester New Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.