World-Leading Integrated Logistics Service Provider Selects CDNetworks Bot Shield to Curb False Containers Bookings
Many organizations and individual businesses are facing an existential crisis amid the widespread lockdowns associated with the COVID-19 pandemic. Certain types of businesses felt the impact of COVID-19 more than others. And one of the companies hardest hit was our customer, the Integrated Logistics Service Provider, one of the world’s foremost leaders in the integrated logistics service and the supply chain service ecosystem and a member of the FORTUNE Global 500 list.
Prior to the worldwide pandemic, this Integrated Logistics Service Provider led in areas such as shipping, shipbuilding and ship financing, ship repair, and similar logistics, particularly in Asia. As the pandemic spread throughout Asia and the rest of the world, it led to lockdowns and border closures that restricted the movement of goods. Additional protocols, such as lockdowns and social distancing at factories and warehouses, ensured the safety of workers but contributed to factory closures and bottlenecks for freight.
However, although Asia was the first continent hit by the pandemic, it was also the first to recover. This allowed China to resume exports while the rest of the world continued to confront uncertainties and risks. As a result, nearly all of the containers that had been held in Asian ports were deployed to destinations in Europe and North America; however, these shipments were not sufficient to overcome the delivery delays and supply chain disruptions, so those containers did not come back quickly enough.
This kind of domino effect has led to global shortage of empty containers, the freight fees have been surging continuously. For example, the unit price of a container shipped from China to the west coast of the United States rose from $2,000 to $20,000 in just a few months, creating challenges for our customer.
Challenges and Pain Points
As the world-leading integrated logistics service provider, our customer has always taken cloud security seriously, and has used CDNetworks as its trusted service provider for years. Before the global shortage of empty containers, our customer used CDNetworks’ Application Shield to strengthen its web application firewall (WAF) protection. This time, our customer needed a bot management solution that could protect its booking platform from scalping, to avoid the risk of broken stowage and the revenue loss.
Our customer had been vulnerable to scalper bots that conducted rapid-fire, automated purchases of large numbers of ticket items at extremely low prices before the customer could post the actual prices on its booking platform. The hacked purchase price was often as low as 1/10 of the actual cost, which prevented valid users from getting a fair chance to book the containers. Using scalper bots also allowed fraudsters to check out their bought items in no time, hoard the items in bulk, and then resell the items at a premium, causing significant loss to our customer.
- The number of visits to the customer’s online booking platform soared, with an average of 40 million+ requests to be processed daily. Hackers, in turn, used automated tools to generate significant amounts of bot traffic to perform fraudulent registration, high-frequency queries, and malicious booking, all of which consumed precious bandwidth, increased bandwidth costs at the customer’s website, and wreaked havoc with dedicated server and data security maintenance.
- False container bookings disrupted normal business. Merchants with legitimate shipping needs were unable to book their shipments successfully and booking containers did not match actual needs. In addition, the broken stowage accounted for revenue loss.
The key to combatting false container bookings is the ability to accurately identify and block malicious bot traffic without adversely impacting business. To that end, data analysis becomes critical for identifying bot traffic. The first thing that CDNetworks’ security experts did was to take a close look at the customer’s booking platform, and then determine the vulnerabilities that permitted false container bookings. Their investigations revealed three causes.
Cause 1: Mass Account Logins
Malicious Bot Behavior: brute force and account takeover, fraudulent registrations, bulk login.
Cause 2: Monitoring Shipping Container Information
Malicious Bot Behavior: high frequency and single-targeted URL access, unusual traversal, which caused a huge drain on website bandwidth, server expenses and data security maintenance costs.
Cause 3: Malicious Bookings
Malicious Bot Behavior: automatic bookings by script.
After ascertaining these three causes, our security experts used CDNetworks’ Bot Shield（Bot対策） solution to handle the malicious bot traffic. Initially, the experts filtered bad traffic based on CDNetworks’ Threat Intelligence Library. Covering more than 100 types of intelligence, CDNetworks’ Bot Shield monitored visiting traffic on the customer’s booking platform in real time, and then identified and blocked bots that met predefined intelligence characteristics.
To address cause 3, CDNetworks combined our leading Threat Intelligence Library with client-side fingerprinting and other leading technologies to develop algorithms based on Artificial Intelligence (AI) to monitor the workflow of key requests directed at the customer’s websites in order to build a dynamically updated workflow analysis model. With this model in place, client-side access is blocked from requests that do not conform to the normal access baseline of the workflow predicted by the AI model.
For our customer, the algorithm blocked over 2 million bot attacks successfully every day. It is important to note that combatting malicious bot attacks is a continuous process. As hackers intensify their fight, the CDNetworks AI algorithm studies the latest analytical models of bot attacks and continues to build a comprehensive security umbrella to safeguard the customer’s sensitive and critical information from bad actors. CDNetworks paid particular attention to attacks directed at our customer’s business operations, where anomaly-based detection was used to customize and adjust protection policies in daily monitoring based on advanced analytics.
The last ingredient figuring into the mix was our security experts’ advice to use Bot Shield to conduct bot identification, management, blocking, and continuous protection in a closed-loop environment to help the customer develop its business in a more stable way.
- With the help of CDNetworks’ Bot Shield, our customer’s booking platform blocked an average of 5 million bot attacks every day.
- The number of bot attacks directed at core business interfaces, such as cargo tracking, route enquiry and booking platform, were mitigated by roughly 65%.
- The effective blocking of malicious bot traffic by CDNetworks’ Bot Shield offloaded malevolent traffic from the origin and accelerated data transmissions, saving significant bandwidth and server costs while keeping daily business operations running smoothly.
- The customer’s worldwide legitimate users were no longer mistakenly blocked from accessing customer websites and now enjoyed a seamless visiting experience, regardless of their location, while security threats continued to be blocked by the distributed architecture of CDNetworks’ Bot Shield.