Imperva, a leader in cybersecurity that protects critical applications, APIs and data at scale, has announced the release of its 2024 Bad Bots Report, a global analysis of automated bot traffic on the Internet. Nearly half (49.6%) of Internet traffic in 2023 was generated by bots, a 2% increase over the previous year and the highest level Imperva has recorded since it began tracking automated traffic in 2013.
For the fifth consecutive year, the share of web traffic attributed to bad bots grew, reaching 32% in 2023, up from 30.2% in 2022, while the share of human traffic fell to 50.4%. Automated traffic costs organizations billions of dollars every year through attacks on websites, APIs and applications.
“Bots are one of the most pervasive and growing threats facing every industry,” says Nanhi Singh, General Manager of Application Security at Imperva. “From simple web scraping to account takeovers, to spam and denial-of-service attacks, bots negatively impact an organization's online services, requiring greater investments in infrastructure and customer support. Organizations must proactively address the bad bot threat as attackers sharpen their focus on API-related abuse that can lead to account compromise or data exfiltration.”
Key trends identified in the 2024 Bad Bots Report:
- The global average of bad bot traffic has reached 32%: Ireland (71%), Germany (67.5%) and Mexico (42.8%) saw the highest levels of bad bot traffic in 2023. The US also saw a slight increase, from 32.1% in 2022 to 35.4% in 2023.
- Growing use of generative AI is linked to the rise of simple bots: rapid adoption of generative AI and large language models (LLMs) pushed the share of simple bots to 39.6% in 2023, up from 33.4% in 2022. LLM training relies on automated web-scraping bots and crawlers to collect data, and the same technology lets non-technical users write automation scripts for personal use.
- Account takeover is a persistent business risk: Account Takeover (ATO) attacks increased 10% in 2023 compared with the previous year. Notably, 44% of all ATO attacks targeted API endpoints, up from 35% in 2022, and 11% of all login attempts on the Internet were associated with account takeover. The industries with the highest volume of ATO attacks in 2023 were Financial Services (36.8%), Travel (11.5%) and Business Services (8%).
- APIs are a popular attack vector: automated threats accounted for 30% of API attacks in 2023. Of these, 17% were bad bots exploiting business logic vulnerabilities, flaws in API design and implementation that let an attacker manipulate legitimate functionality to reach sensitive data or user accounts. Cybercriminals use automated bots to discover and exploit APIs, which offer a direct route to sensitive data and are therefore a prime target for business logic abuse.
- Every industry has a bot problem: for the second year in a row, the Gaming sector (57.2%) saw the highest proportion of bad bot traffic, while Retail (24.4%), Travel (20.7%) and Financial Services (15.7%) experienced the highest volume of bot attacks. The proportion of advanced bad bots, those that closely mimic human behavior and evade defenses, was highest on Law & Government (75.8%), Entertainment (70.8%) and Financial Services (67.1%) websites.
- Bad bot traffic originating from residential ISPs grew to 25.8%: early bad-bot evasion relied on spoofing the User-Agent header to impersonate the browsers legitimate users run. Bad bots presenting a mobile user agent accounted for 44.8% of all bad bot traffic in the past year, up from 28.1% five years ago. Sophisticated operators combine mobile user agents with residential or mobile ISP connections: residential proxies route traffic through IP addresses that an ISP assigned to a consumer, so the source looks like a legitimate home user. Because both the User-Agent header and, behind a proxy, the apparent source address are under the attacker's control, neither can serve as a trust signal on its own.
“Automated traffic will soon surpass the proportion of Internet traffic that comes from humans, changing the way organizations approach building and securing their websites and applications,” continues Singh. “As more and more AI-enabled tools are introduced, bots will become ubiquitous. Organizations must invest in bot management and API security tools to manage the threat of automated and malicious traffic.”
Insight into Bad Bot Analysis
Imperva, a leading cybersecurity company focused on protecting web applications and data, is known for application and data protection services similar to those offered by Cloudflare. Every year, Imperva publishes a detailed report on bad bots, providing an in-depth analysis of automated traffic on the Internet. The report has become a key resource for companies seeking to understand and mitigate the threats posed by malicious bots.
The Impact of Bots on Businesses
Bad bots are automated programs designed to perform tasks on the Internet without human intervention. While there are "good" bots used for legitimate purposes such as search engine indexing, bad bots are built for malicious purposes such as web scraping, data theft, vulnerability scanning, and launching DDoS attacks. The increase in traffic generated by bad bots has serious consequences for businesses, including:
- Increase in Operating Costs: malicious bots can consume a significant share of network and server resources, forcing companies to invest in additional infrastructure to absorb the extra load. This raises operating costs and degrades the performance of online services.
- Security Compromise: bad bots can identify and exploit vulnerabilities in web applications and APIs, allowing attackers to access sensitive data and compromise user accounts. This activity can lead to data breaches and significant financial losses.
- Reputation Damage: bot attacks degrade the user experience, causing downtime, slowdowns, and other performance issues on websites. This damages a company's reputation and erodes customer trust.
- Increased Customer Support Workload: problems caused by bad bots often require customer support intervention to resolve, which increases the workload of support staff and lengthens response times for legitimate customer requests.
The Need for Bot Management Tools and API Security
To effectively address the threat posed by bad bots, companies must invest in advanced bot management and API security solutions. These tools can help detect and block malicious bot traffic, while protecting company resources and improving the performance of online services. Among the most effective solutions are:
- Bot Management: tools that use machine learning and behavioral analytics to identify and block malicious bots in real time. They distinguish legitimate traffic from bot-generated traffic, ensuring that company resources are used efficiently.
- API Security: solutions that protect application programming interfaces from abuse and malicious attacks. They monitor API traffic, detect anomalies, and enforce security policies to prevent unauthorized access to sensitive data.
- DDoS Attack Mitigation: services that identify and block malicious bot-generated traffic before it reaches corporate infrastructure, protecting websites and applications from disruption.
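The behavioral analysis mentioned above, and the report's point that a mobile User-Agent proves nothing on its own, can be made concrete with a small classifier. The following is an added example written for this page, not Imperva's product logic or code from the report: it scores clients in constructed JSON-lines API log records by login rate, number of distinct accounts tried, login failure ratio, and whether any normal page-asset traffic accompanies the API calls. The endpoint paths, thresholds, and log records are assumptions made for the example.

```python
"""Added example (not Imperva's code): behavioural bot scoring over constructed
API log records. A client-supplied User-Agent is treated only as context; the
verdict rests on per-client behaviour. Paths, thresholds and records are assumed."""

import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

LOGIN_PATH = "/api/v1/auth/login"   # assumed login endpoint
STATIC_PREFIX = "/static/"          # assumed prefix for page assets (JS/CSS)
MOBILE_MARKERS = ("iPhone", "Android", "Mobile")

# Illustrative thresholds; tune against your own traffic baseline.
MAX_LOGIN_RPM = 10.0    # login attempts per minute from one client
MIN_ACCOUNTS = 5        # distinct usernames tried from one client
MIN_FAIL_RATIO = 0.8    # share of that client's login attempts that failed
MAX_API_RPM = 60.0      # API calls per minute with zero page-asset requests

def parse_records(jsonl_text):
    """Parse JSON-lines application log records (one JSON object per line)."""
    records = []
    for line in jsonl_text.splitlines():
        if line.strip():
            rec = json.loads(line)
            rec["ts"] = datetime.fromisoformat(rec["ts"])
            records.append(rec)
    return records

def profile_clients(records):
    """Aggregate behavioural features per source IP."""
    profiles = defaultdict(lambda: {"requests": 0, "logins": 0, "failed_logins": 0,
                                    "static": 0, "accounts": set(), "uas": set(),
                                    "first": None, "last": None})
    for r in records:
        p = profiles[r["ip"]]
        p["requests"] += 1
        p["uas"].add(r["ua"])
        if p["first"] is None or r["ts"] < p["first"]:
            p["first"] = r["ts"]
        if p["last"] is None or r["ts"] > p["last"]:
            p["last"] = r["ts"]
        if r["path"] == LOGIN_PATH:
            p["logins"] += 1
            p["accounts"].add(r.get("user", ""))
            if r["status"] != 200:
                p["failed_logins"] += 1
        elif r["path"].startswith(STATIC_PREFIX):
            p["static"] += 1
    return profiles

def _per_minute(count, first, last):
    # Floor the window at one second so a single request cannot divide by zero.
    return count / (max((last - first).total_seconds(), 1.0) / 60.0)

def classify(profiles):
    """Return {ip: verdict}; verdict labels are illustrative."""
    verdicts = {}
    for ip, p in profiles.items():
        reasons = []
        if p["logins"]:
            login_rpm = _per_minute(p["logins"], p["first"], p["last"])
            fail_ratio = p["failed_logins"] / p["logins"]
            if (login_rpm > MAX_LOGIN_RPM and len(p["accounts"]) >= MIN_ACCOUNTS
                    and fail_ratio >= MIN_FAIL_RATIO):
                reasons.append("credential stuffing pattern")
        api_calls = p["requests"] - p["logins"] - p["static"]
        if (p["static"] == 0 and api_calls
                and _per_minute(api_calls, p["first"], p["last"]) > MAX_API_RPM):
            reasons.append("high-rate API access without page assets")
        # The UA is client-controlled: it only adds context once behaviour is suspicious.
        if reasons and any(m in ua for ua in p["uas"] for m in MOBILE_MARKERS):
            reasons.append("mobile User-Agent not backed by browser-like behaviour")
        verdicts[ip] = "bad bot: " + "; ".join(reasons) if reasons else "no bot signal"
    return verdicts

def build_sample_log():
    """Constructed (synthetic) JSONL records for this example only."""
    base = datetime(2024, 4, 16, 9, 0, 0, tzinfo=timezone.utc)
    mobile_ua = "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) Mobile/15E148 Safari/604.1"
    desktop_ua = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/123.0 Safari/537.36"
    lines = []

    def rec(ip, ua, path, offset, status, user=None):
        d = {"ts": (base + timedelta(seconds=offset)).isoformat(),
             "ip": ip, "ua": ua, "path": path, "status": status}
        if user:
            d["user"] = user
        lines.append(json.dumps(d))

    # 203.0.113.7: 30 failed logins against 30 accounts in 58 s, iPhone UA (ATO attempt)
    for i in range(30):
        rec("203.0.113.7", mobile_ua, LOGIN_PATH, 2 * i, 401, f"user{i:03d}@example.com")
    # 198.51.100.21: ordinary browser session, one account, page assets loaded
    rec("198.51.100.21", desktop_ua, "/static/app.js", 0, 200)
    rec("198.51.100.21", desktop_ua, "/static/app.css", 1, 200)
    rec("198.51.100.21", desktop_ua, LOGIN_PATH, 20, 401, "alice@example.com")
    rec("198.51.100.21", desktop_ua, LOGIN_PATH, 35, 200, "alice@example.com")
    rec("198.51.100.21", desktop_ua, "/api/v1/orders", 40, 200)
    rec("198.51.100.21", desktop_ua, "/api/v1/orders/17", 300, 200)
    # 192.0.2.44: mobile UA scraping the product API, never fetches a page asset
    for i in range(60):
        rec("192.0.2.44", mobile_ua, f"/api/v1/products?page={i}", 0.5 * i, 200)
    return "\n".join(lines)

def run_sample():
    """Run the pipeline over the constructed records; returns {ip: verdict}."""
    return classify(profile_clients(parse_records(build_sample_log())))
```

Running `run_sample()` flags 203.0.113.7 (credential stuffing) and 192.0.2.44 (high-rate scraping) and leaves 198.51.100.21 alone, even though two of the three present the same iPhone User-Agent. In production the same features would be computed over a sliding window and keyed by more than the source IP (session, TLS fingerprint, ASN), since residential proxies rotate addresses.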
Conclusions
Imperva's 2024 Bad Bots Report highlights the importance of addressing the growing threat of malicious bots on the Internet. With nearly half of global traffic generated by bots, businesses must take proactive measures to protect their assets and ensure the security of their data and applications. This includes deploying bot management and API security solutions, which are crucial to mitigating the risks associated with malicious bots. Websites and APIs, including those served by widely deployed web servers such as Apache and NGINX, are routine targets of automated attacks. Protecting these components not only safeguards business operations but also ensures a safe and reliable user experience, preserving the reputation and operational continuity of online businesses.