The 2022 Imperva Bad Bot Report has some striking findings, the main one being that bad bot traffic is approaching the point of overtaking human activity on the internet.
Bot traffic accounted for 42.3% of total internet activity in 2021, up from 40.8% in 2020. Bad bot traffic is almost double that of the so-called “good bots” that perform legitimate functions such as search indexing and autoresponders.
After a hiatus of several years, bad bot traffic is rising again
Bot traffic last surpassed human traffic on the internet in 2014, the year this annual Imperva study began. The human-traffic majority in the years that followed, as high as 62% at times, was largely due to a sharp decline in bad bots (those that operate with malicious intent). These troublesome bots have been on the rise again since 2019, and they now once again far exceed their “good” counterparts and threaten to dominate the internet.
As the report notes, there is a direct correlation between bad bot activity and evidence of cybercrime. Bad bots are usually the first element of an attack plan, whether it is reconnaissance of a target network or an attempt to compromise accounts. Other activities that qualify for bad bot status include scalping retail items, scraping website content, distributed denial of service (DDoS) attacks, and “inventory” schemes in which hot items are held in virtual shopping carts to manipulate prices or deny sales to competitors.
Bad bots have become quite advanced in the past decade, blending in with good bot traffic to avoid detection and in some cases using very advanced techniques to mimic human behavior. The more advanced bad bots can use modified web browsers, mimic human-like mouse movements and clicks, regularly change IP addresses, and time their requests to look more like a legitimate end user. These bots, called the “evasive” class, now make up the majority of bad bot traffic at 65.6%.
Bad bot traffic also tends to vary throughout the year, reaching a peak in December as threat actors try to exploit holiday shopping. This continued to be the case in 2021, with bad bot traffic accounting for 30% of all internet activity in December 2021, up from 24% at the beginning of the year.
Some industries are also heavily targeted and saw huge increases in bad bot traffic in 2021. Sports, gambling, and food and drink all saw jumps of more than 20% compared to 2020 bot traffic. Bad bots also paid close attention to travel, retail, automotive, education and government websites.
There is also a strong regional imbalance in bot traffic. The United States is the overwhelming favorite of bad bots, drawing 43.1% of their attacks. The next most common target is Australia at 6.8%.
Bot traffic is increasingly driving account takeover attempts
Much of the increase in bad bot traffic comes from account takeover activity. This ranges from classic “brute force” attacks, which successively try the passwords listed in a dictionary file, to the “credential stuffing” variant that only uses compromised logins taken from data breaches. These types of attacks increased by 148% in 2021, and more than 65% of them now use an “evasive” form of advanced malicious bot to get past automated defenses.
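The brute-force and credential-stuffing patterns described above leave different fingerprints in authentication logs: brute force hammers one username from a source, while stuffing tries many usernames about once each. The following is an added example, not code from the report or from Imperva, that labels sources by that distinction and also flags the distributed case where each address makes only a single attempt; the log events, addresses and usernames are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample authentication events: (source_ip, username, success); all invented.
SAMPLE_EVENTS = [
    ("203.0.113.5", "alice", False), ("203.0.113.5", "alice", False),
    ("203.0.113.5", "alice", False), ("203.0.113.5", "alice", False),
    ("203.0.113.5", "alice", False), ("203.0.113.5", "alice", True),
    ("198.51.100.9", "bob", False), ("198.51.100.9", "carol", False),
    ("198.51.100.9", "dave", False), ("198.51.100.9", "erin", False),
    ("198.51.100.9", "frank", True),
    ("192.0.2.44", "grace", False), ("192.0.2.45", "heidi", False),
    ("192.0.2.46", "ivan", False), ("192.0.2.47", "judy", False),
    ("192.0.2.48", "mallory", False), ("192.0.2.49", "oscar", False),
    ("192.0.2.50", "alice", True),
]

def classify_sources(events, min_attempts=5, stuffing_ratio=0.8):
    """Label every source IP with at least min_attempts login attempts.
    brute_force: one username tried with many passwords.
    credential_stuffing: many usernames, about one attempt each (each attempt
    replays a leaked username/password pair, so names rarely repeat)."""
    users_by_ip = defaultdict(list)
    for ip, user, _ok in events:
        users_by_ip[ip].append(user)
    labels = {}
    for ip, users in users_by_ip.items():
        if len(users) < min_attempts:
            continue
        distinct = len(set(users))
        if distinct == 1:
            labels[ip] = "brute_force"
        elif distinct / len(users) >= stuffing_ratio:
            labels[ip] = "credential_stuffing"
        else:
            labels[ip] = "mixed"
    return labels

def distributed_stuffing_signal(events, min_sources=5):
    """Per-IP thresholds miss a campaign spread over many addresses that each
    make a single attempt. Return (number of single-attempt failing sources,
    their share of all failures), or (0, 0.0) when below min_sources."""
    attempts, failures = defaultdict(int), defaultdict(int)
    for ip, _user, ok in events:
        attempts[ip] += 1
        failures[ip] += 0 if ok else 1
    singles = [ip for ip in attempts if attempts[ip] == 1 and failures[ip] == 1]
    total = sum(failures.values())
    if len(singles) < min_sources or total == 0:
        return 0, 0.0
    return len(singles), len(singles) / total
```

In the sample data the per-IP classifier catches the two noisy sources, while the six single-attempt addresses are only visible through the aggregate signal, which is why both views belong in a detection pipeline.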
Some countries that are not among the most targeted for total bot traffic are among those most often subjected to account takeover attempts: Singapore, France, Puerto Rico and Chile all top the list just behind the United States. Financial services and travel are also targeted far more heavily by these types of attacks than any other industry, at more than twice the rate of the next category on the list (business services); the most advanced bad bots show a strong preference for travel and retail websites. The problem is still very much a United States one, however, with 22% of the country’s population (more than 24 million households) now estimated to have had an account taken over at least once.
The report finds that malicious bot traffic is generally increasing in frequency, sophistication and intensity. Imperva says the largest bot attack it has ever recorded occurred in January 2022, using more than 400,000 IP addresses to flood a website with 400 million login attempts over a sustained period. Bad bots are also finding new avenues of attack, such as enrolling in colleges to try to defraud them of funding and financial aid.
There are no indications that this problematic bot traffic is slowing down, leaving organizations with a security headache for the foreseeable future. John Gunn, CEO of Token, suggests that pressing ahead with passwordless alternatives is key: “Account takeover using stolen credentials remains the #1 threat for every organization, and bots automate and accelerate this process. Strong, efficient and timely biometric authentication is essential to ensure security.”
Garret Grajek, CEO of YouAttest, suggests that organizations can take a more immediate step in the form of identity governance policies: “It should alert anyone involved in IT that 28% of global resources for handling web traffic will be dealing with bot traffic. Traffic that is malicious by nature – because denial of service is one of the tenets of the CIA principle: Confidentiality, Integrity and Availability. Scanning and vulnerability assessments – a company needs to strengthen its defenses. Given that more than 65% of attacks will later use compromised credentials, a policy of identity governance is paramount.”