What is a bot?
A bot — short for robot and also called an internet bot — is a computer program that operates as an agent for a user or other program or to simulate a human activity. Bots are normally used to automate certain tasks, meaning they can run without specific instructions from humans.
An organization or individual can use a bot to replace a repetitive task that a human would otherwise have to perform. Bots are also much faster at these tasks than humans. Although bots can carry out useful functions, they can also be malicious and come in the form of malware.
How do bots work?
Normally, bots operate over a network. They communicate with one another using internet-based services, such as instant messaging (IM); interfaces like Twitterbots; or Internet Relay Chat. According to the 2021 research report titled “Bot Attacks: Top Threats and Trends” from security firm Barracuda, more than two-thirds of internet traffic is bots. In addition, 67% of bad bot traffic originates from public data centers in North America.
Bots are made from sets of algorithms that aid them in their designated tasks. These tasks include conversing with a human — which attempts to mimic human behaviors — or gathering content from other websites. There are several different types of bots designed to accomplish a wide variety of tasks.
For example, a chatbot uses one of several methods to operate. A rule-based chatbot interacts with a person by giving predefined prompts for that individual to select. An intellectually independent chatbot uses machine learning to learn from human inputs and scan for valuable keywords that can trigger an interaction. Artificial intelligence chatbots are a combination of rule-based and intellectually independent chatbots. Chatbots may also use pattern matching, natural language processing (NLP) and natural language generation tools.
Organizations or individuals who use bots can also use bot management software, which helps manage bots and protect against malicious bots. Bot managers may also be included as part of a web app security platform. A bot manager can allow the use of some bots and block the use of others that might cause harm to a system. To do this, a bot manager classifies any incoming requests by humans and good bots, as well as known malicious and unknown bots. Any suspect bot traffic is then directed away from a site by the bot manager. Some basic bot management feature sets include IP rate limiting and CAPTCHAs. IP rate limiting restricts the number of same address requests, while CAPTCHAs provide challenges that help differentiate bots from humans.
Types of bots
There are numerous types of bots, all with unique goals and tasks. Some common bots include the following:
- Chatbots. These programs can simulate conversations with a human being. One of the first and most famous chatbots prior to the web was Eliza, an NLP program developed in 1966 as a Massachusetts Institute of Technology research project. This chatbot pretended to be a psychotherapist and answered questions with other questions. More recent examples of chatbots include virtual assistants, such as Amazon’s Alexa, Apple’s Siri and Google Assistant.
- Social bots. These bots, often considered opinion bots, influence discussions with users on social media platforms.
- Shopbots. Many of these programs shop around the web and locate the best price for a product a user is interested in buying. Other shopbots like the Shopify chatbot enable Shopify store owners to automate marketing and customer support.
- Knowbots. These programs collect knowledge for a user by automatically visiting websites to retrieve information that meets certain specified criteria. Knowbots were originally used as a computerized assistant that performed redundant tasks.
- Spiders or crawlers. Also known as web crawlers, these bots access websites and gather content for indexes in search engines, such as Google and Bing.
- Web scraping crawlers. These are similar to crawlers but are used for data harvesting and extracting relevant content from webpages.
- Monitoring bots. These can be used to monitor the health of a website or system.
- Transactional bots. These bots are designed to simplify tasks that would otherwise be performed by a human over the phone, such as blocking a stolen credit card or confirming a bank’s hours of operation.
Bots can also be classified as good bots or bad bots — in other words, bots that do not cause any harm versus bots that pose threats.
Examples and uses of bots
Bots can be used in customer service fields, as well as in areas such as business, scheduling, search functionality and entertainment. Bots in each area offer different benefits. For example, customer service bots are available 24/7 and increase the availability of customer service employees. These programs are also called virtual representatives or virtual agents, and they free up human agents to focus on more complicated issues.
Other services that use bots include the following:
- IM apps, such as Facebook Messenger, WhatsApp and Slack;
- news apps, such as The Wall Street Journal, to show news headlines;
- Spotify, which enables users to search for and share music tracks via Facebook Messenger;
- Lyft, which enables user to request rides using IM apps;
- meeting scheduling services; and
- customer service applications that use chatbots to field customer requests and survey customer experience.
Malicious bots are used to automate actions considered to be cybercrimes. Common types of malicious bots include the following:
- denial-of-service or distributed DoS bots, which overload a server’s resources and prevent the service from operating;
- spambots, which post promotional content to drive traffic to a specific website; and
- hackers, which distribute malware, attack websites and gather sensitive information, such as financial data — bots created by hackers can also open backdoors to install more serious malware and worms.
Other malicious types of bots include the following:
- credential stuffing tools;
- email address harvesting software;
- brute-force password cracking tools; and
Organizations can stop malicious bots by using a bot manager.
Advantages and disadvantages of bots
There are plenty of advantages that come with using bots, as well as disadvantages, such as risks that other bots could pose. Some potential advantages of bots include the following:
- faster than humans at repetitive tasks;
- time saved for customers and clients;
- available 24/7;
- organizations can reach large numbers of people via messenger apps;
- customizable; and
- improved user experience.
Some disadvantages include the following:
- cannot be set to perform some exact tasks and risk misunderstanding users;
- humans are still necessary to manage the bots, as well as to step in if one misinterprets another human;
- can be made malicious by users; and
- can be used for spam.
How to detect malicious bots
There are several signs that indicate a system is infected by malicious bots, including the following:
- There are frequent software application glitches and computer crashes without a known cause.
- The computer sends emails or chat messages to the user’s contacts without the user’s knowledge.
- Applications are slower to load than normal.
- The internet connection is slower than normal.
- Pop-up spam appears, despite the fact that the user is not using the internet.
- The computer’s fan randomly runs at a high speed while the computer is idle.
- Settings have changed without the user’s knowledge, and there is no way to reverse them.
- The internet browser includes features or add-ons that the user did not install.
- The computer takes a long time to shut down or reboot.
- The computer does not shut down or reboot correctly.
- The activity monitor shows that unknown programs are running in the background.
- Warnings appear on the user’s computer stating that, if they do not click on a given link, their computer will be infected with a virus.
How to prevent malicious bot activity
The best defense against malicious bots is prevention. Sound cybersecurity practices can help keep a bot infection from occurring. The ways to prevent bots include the following:
- Install antimalware software. Malicious bots fall under the category of malware. Antimalware software can help automate protection against this type of threat.
- Install a bot manager. A bot manager is typically part of a web app security platform. These classify web requests and allow the use of some bots, while blocking others. Two bot management tactics are the following:
- IP rate limiting caps the number of same-address requests.
- CAPTCHAs use puzzles to verify that the requesting user is a human and not a bot.
- Use a firewall. Firewalls can be configured to block bots and prevent certain traffic based on IP address or behavior.
- Update software. Software updates contain security updates that can help defend against bots.
- Password hygiene. Bots can be used to brute-force attack weaker passwords and break into user accounts. Having a strong password and changing it frequently can help prevent this.
- Click trusted links only. Bots may send spam or malicious links via email. Only click on links from a trusted source to avoid getting a malicious link from a bot.
Preventing malicious bots is part of a comprehensive security plan. Learn how to create an enterprise cybersecurity strategy that is proactive in defending against threats like malicious bots.
This was last updated in March 2022