Well, as a "White Hat" cyber warfare expert who has taught cyber warfare to the Air Force Academy cadets, and although now retired, I help our government protect servers from "automated" scripting, I could offer a solution.
I have to be somewhat vague here, but in essence, there are things done in the game that only human sequences can do. If an automated script is driving the game, it will not respond to things human sequences do. Set a time limit on the server or in the BSG that would look for these sequences only humans can do, and if it is not found during random periodic check, say every ten minutes, the game logs off the server until a human sequence response is found on the client side. If not found within twenty minutes, the client is logged off from the server for that gaming session. This is invisible to the user and undetectable by automated scripting. I can think of at least sixty or seventy things to check for, that only human sequences can do in this game, that an automated script would be incapable of doing or detecting. A periodic check for these things done by human sequences at random intervals would detect any automation in the game, not pre-programmed for the game. The same periodic check for human sequenced responses would also detect profits or ranking not consistent with what humans are capable of doing, and a flag for that account would be thrown for further inspection by FDev.
This is a well known tactic for security in the banking institutions and government secured websites and is very effective with a very low failure rate.
No harm is done to the client as long as their gameplay generates human sequenced responses for each periodic check. If no human sequenced response is detected during the periodic check, the client is disconnected and flagged.
It is meant as a "flag" only for further inspection and only does temporary disconnects from the server. If done correctly, human responses are very detectable and no disruption would occur for those actually playing in real time.
EDIT: Every one is complaining, but no one is offering much of a realistic solution here.
For those interested in becoming a legitimate "White Hat" hacker, join "HackerOne.Com".
EDIT: I will not reveal or post the the human response sequences to be checked, as this would give security info to the botters. I will respond to PM requests from FDev developers only, if FDev is interested in this process.
Be well.