Messenger Bots: Utilization and Threat Protection for Law Enforcement
Updated: May 8, 2021
On Nov 12, 2020, Steinlein Group continued our capacity building activities in Eastern Europe conducting a training session for the National Police of Ukraine entitled “Messenger Bots: Utilization and Threat Protection for Law Enforcement”.
The instructor, Abi Waddell from Loughnane Associates, presented an overview of different types of bots such as crawlers, data harvesting bots, spam/marketing bots, chat bots, and malicious bots. Then she provided a thorough explanation of what purposes each serves and how they target users and computer systems.
The training emphasized the importance of understanding the bot threat and that a tailored approach is necessary to counter them. Some bots, such as chat bots, have a virtual assistant function to help users receive desired services in a more simplified, convenient manner. They do so by using a predefined ‘script’ or flowchart where queries are directed according to the keywords used. These bots improve customer experience since they often perform faster than humans, can handle several customers simultaneously, and function 24/7.
The training also covered some of the most common threats posed by their extensive application. One of the most common threats is disclosing sensitive data from the host system, application users, and customers. Ms. Waddell further explained the nature and methodology of the most common types of bot attacks and how they can lead to corrupting the application, disclosing sensitive information or disrupting the bot’s functions. This part of the training covered common techniques used by malicious groups, including code injection, social-engineering, request flooding, cross site scripting, and how they exploit system vulnerabilities.
After breaking down some of the most common types of bot attacks and methodologies, Ms. Waddell provided comprehensive guidance on mitigating these threats and steps towards preventing such attacks. The student discussion included essential prevention measures such as strengthening user authentication, enabling two-step authentication, using latest security updates, securing sessions by using non-reusable cookies, and preventing concurrent logins from different devices and browsers.
Finally, Ms. Waddell summarized the most important threats that law enforcement needs to understand. She also reiterated the crucial steps for detecting and fixing system vulnerabilities to prevent bot attacks, which often result in security breaches, damage to reputation, denial of service, or information theft.