The bot movement, or more precisely, the evil bot movement, is reaching new all-time highs, threatening everyone’s cybersecurity, according to new research.
Imperva Bad Bot’s 2023 report found that in 2022, nearly half (47.4%) of all internet traffic came from bots, up 5.1% year-on-year. At the same time, the share of passenger traffic fell to 52.6%, which is the lowest level in eight years.
Bot traffic is basically any traffic to a website or app that is not made by a human. It is generally seen as a good thing as it is essential for digital assistants, search engines and the like. Evil bots can interact with web applications in the same way as legitimate bots (or users) and are therefore used to attack websites, mobile applications and APIs, to run campaigns such as data collection, data mining, attacks brute force, DDoS (opens in a new tab)transaction fraud and more.
Years of bot development
According to Imperva, in 2022, the volume of traffic with bad bots increased by 2.5% and now accounts for 30.2% of all traffic. The report also states that this is the fourth consecutive year of steady growth in bad bot traffic. In fact, the 2022 data has never been seen before, and Imperva has been tracking this data since 2013.
Moreover, bad bots are becoming more sophisticated and therefore harder to detect. More than half (51.2%) of all bad bot traffic came from so-called “advanced” bots, up from 25.9% just a year ago.
“This is a worrying trend for companies as advanced bad bots use the latest evasion techniques and closely mimic human behavior to evade detection by going through random IP addresses, entering through anonymous proxies and changing identities,” the researchers conclude.
Most of the bad bots take place in Germany, Ireland, Singapore and the US, where travel, retail and financial services continue to experience abnormally high numbers of attacks.