The cybersecurity firm Imperva has released the latest edition of its annual Bad Bots Report revealing that last year saw the highest percentage of bad bot traffic since the report's inception back in 2014.
In 2020, bad bots accounted for 25.6 percent of all bot traffic online while traffic from humans fell by 5.7 percent. Bots are also growing in scale and having a wider impact on users' daily lives, as more than 40 percent of all web traffic originated from a bot last year.
Of the bad bot traffic observed by Imperva last year, advanced persistent bots accounted for 57.1 percent. As these bots closely mimic human behavior and are harder to detect, they are responsible for high-speed abuse, misuse and attacks on websites, mobile apps and APIs.
Advanced persistent bots also present a challenge for organizations that want to mitigate downtime, reduce bandwidth consumption and improve experiences for their legitimate human customers, and they wreak havoc on online businesses through price scraping, content scraping, account creation, account takeover, fraud, denial of service and denial of inventory.
Last year, telecoms and internet service providers (ISPs) experienced the highest proportion of overall bot traffic at 45.7 percent. The travel industry, however, saw the greatest percentage of sophisticated bot traffic (59.7 percent), while government sites also saw an increase, with bots involved in account takeover and data scraping of business registration listings and voter registration.
Cybercriminals took advantage of the global pandemic to launch a wide variety of cyberattacks on businesses and individuals, and one of the ways in which they did this was through scalper bots. Throughout 2020, scalper bots were used to hoard large inventories of face masks, cleaning supplies, home workout equipment and more. Once the Covid-19 vaccine became available, though, scalpers also used bad bots to target vaccine appointment sites and disrupt their supply chains to make it harder for legitimate users to schedule vaccine appointments.
The launch of Sony's PlayStation 5 and Microsoft's Xbox Series X was another big opportunity for scalpers who used bad bots to hoard gaming hardware. This was also the case with graphics cards and other PC parts which became especially difficult to purchase during the pandemic.
In a press release announcing the findings of the Bad Bots Report 2021, Edward Roberts, director of strategy and application security at Imperva, provided further insight on what can happen if bots go unchecked online, saying:
“As we’ve monitored over the past eight years, bad bots continue to ravage the Internet, while attack characteristics are becoming more advanced and nuanced over time. Throughout the past year and during a global pandemic, bad bots have thrived by targeting new markets and the impacts are now felt by everyday consumers. The Grinch Bot disruption to the gaming hardware industry in late 2020 is one example of what happens when bots go unchecked and cause denial of inventory. Bad bots must be a top concern for businesses and security practitioners in 2021 as the problem is likely to grow. Organizations must take proactive action to secure their websites, applications and APIs from these threats as bots are increasingly involved in fraudulent activity that can be a source of reputational and financial damage.”