The 2022 Imperva Bad Bot Report contains some striking findings, chief among them that bad bot traffic is on course to overtake human activity on the Internet.
Bot traffic accounted for 42.3% of all Internet activity in 2021, up from 40.8% in 2020. Bad bot traffic is almost twice that of so-called “good bots”, which perform legitimate functions such as indexing and auto-reply.
After a few years of calm, bad bot traffic is on the rise again
Bot traffic last surpassed human traffic on the Internet in 2014, when this annual Imperva survey began. In the years that followed, human traffic regained the majority, at times reaching as much as 62%, primarily due to significant suppression of malicious bots. These bad bots have been rising again since 2019, this time far outpacing “good” bots and threatening to regain control of the Internet.
As the report points out, there is a direct correlation between bad bot activity and the incidence of cybercrime. Malicious bots are usually the first element of an attack plan, whether that is reconnaissance of the targeted network or an attempt to compromise an account. Other activities that fall under the bad bot label include retail product scraping, content scraping from websites, distributed denial of service (DDoS) attacks, and “denial of inventory” schemes that tie up hot items in virtual shopping carts to manipulate prices or deny sales to competitors.
Bad bots have made great strides in the last decade, blending in with good bot traffic to avoid detection and, in some cases, using very advanced techniques to mimic human activity. The more sophisticated malicious bots use modified web browsers to mimic human-like mouse movements and clicks, periodically change IP addresses, and time their requests so that they look like legitimate end users. These particular bots, called the “evasive” class, currently account for the majority of bad bot traffic at 65.6%.
Malicious bot traffic also tends to change throughout the year, peaking in December as threat actors attempt to exploit holiday shopping. This continued to be the case in 2021: bad bot traffic accounted for 30% of all Internet activity in December 2021, up from 24% at the beginning of the year.
Certain industries are also heavily targeted and saw a significant increase in bad bot traffic in 2021. Sports, gambling and restaurant sites all recorded a surge of over 20% compared to bot traffic in 2020. The most sophisticated malicious bots are paying more and more attention to travel, retail, automotive, education and government websites.
There are also large regional disparities in bot traffic. The United States is overwhelmingly the most popular target of malicious bots, accounting for 43.1% of attacks. The next highest target is Australia at 6.8%.
Bot traffic is increasingly explained by account hijacking attempts
Much of the increase in bad bot traffic is due to account hijacking activity. This ranges from traditional “brute force” attacks that sequentially try passwords listed in dictionary files to “credential stuffing” variants that use only compromised logins obtained from data breaches. These types of attacks increased by 148% in 2021, and more than 65% of them now use highly malicious “evasive” bots to slip past automated defenses.
Certain countries that are not among the most targeted by overall bot traffic are among the most likely targets for account hijacking attempts. Singapore, France, Puerto Rico and Chile are all at the top of the list after the United States. Financial services and travel sites are also targeted by these attack types more than any other industry, at more than double the rate of the next category on the list (business services). The most advanced bad bots show a strong preference for travel and retail sites. The problem still leans heavily towards the United States, where it is estimated that 22% of residents (more than 24 million households) have experienced account hijacking at some point.
Malicious bot traffic as a whole is increasing in frequency, complexity, and intensity, according to the report. According to Imperva, the largest bot attack ever recorded occurred in January 2022, when over 400,000 IP addresses and 400 million login attempts flooded a job listing website over a continuous period. Bad bots are also finding new means of attack, such as enrolling in colleges in an attempt to scam them out of grants and financial aid.
There are no signs that this problematic bot traffic will slow down or stop being a security issue for organizations in the short term. John Gunn, CEO of Token, suggests that it is important to push for passwordless alternatives. “Account hijacking with stolen credentials remains the greatest threat to all organizations, and bots automate and accelerate this process. Powerful, effective and convenient biometric authentication is essential to ensure security.”
Garret Grajek, CEO of YouAttest, suggests that organizations can take quicker steps to address identity governance policies. “We need to warn everyone involved in IT that 28% of the global resources to handle web traffic handle bot traffic. Intrinsically malicious traffic – denial of service being one of the tenets of the CIA principle: confidentiality, integrity, and availability. Companies need to be aware that this traffic is occurring and that its content is inherently malicious. Also, many bots carry traffic, which ultimately leads to scanning and vulnerability assessment, so companies need to strengthen their defenses. Over 65% of attacks are ultimately weakened. Identity governance policies are paramount when it comes to using credentials.”