'The challenge is no longer identifying bots. It’s understanding what the bot, agent, or automation is doing': New report flags 40% of all internet traffic is now bad bots

News
By published

The Dead Internet Theory is very much alive

Cloud, networking and internet
(Image credit: Shutterstock)
  • Automated bots now account for over half of global internet traffic, with malicious bots nearing 40%
  • AI‑driven bot attacks surged more than twelvefold in 2025, blurring lines between legitimate automation and abuse
  • A growing share of attacks target APIs, with financial services seeing nearly half of last year’s account takeovers

It’s been a few years now since automated bot activity took up most of global web traffic, but “bad bots” are taking an ever-increasing share of that cake, and with AI agents being thrown into the mix, the problem is only getting more complex.

A new report on bot activity, harvested from Thales’ Threat Research and Security Analyst Services teams over 2025 found automated activity now represents more than 53% of all internet traffic, while the remaining 47% fall on human interaction.

Bad bots, on the other hand, now take up almost 40% of all global web traffic.

Article continues below

Blurring the lines

AI-driven bot attacks have surged 12.5 times over the past year, Thales added. This evolution has moved beyond simple scripts for credential stuffing or price scraping and turned bots into sophisticated entities that can mimic human behavior with alarming precision.

These "AI agents" are now in a category of their own, interacting directly with applications and APIs to perform complex tasks.

As such, they are increasingly blurring the lines between legitimate business automation and malicious intent.

“AI is transforming automation from something organizations try to block into something they must also manage,” said Tim Chang, Global Vice President and General Manager, Application Security at Thales.

“The challenge is no longer identifying bots. It’s understanding what the bot, agent, or automation is doing, whether it aligns with business intent, and how it interacts with critical systems.”

A significant portion of this malicious activity (around 27%) is now targeted specifically at APIs. By bypassing traditional user interfaces, bots can interact with backend systems at machine speed, exploiting business logic and manipulating workflows. The trend is apparently most obvious in the financial services sector, where 46% of all account takeover incidents of last year happened.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.