Bad bots were responsible for more than a quarter of all website traffic, according to a report by Imperva’s Threat Research Lab.
The threat intelligence firm categorized website traffic into human sources, bad bots, and good bot traffic. While humans were the major source of internet traffic, bots contributed to over 40% of website visits.
Additionally, the report found that human traffic fell while bot traffic increased. Imperva analyzed the bad bot landscape and the impact that malicious bot traffic had across industries.
The report posits that bot activity could interfere with COVID-19 rollout, online shopping, and account safety.
Bad bot traffic the main source of automated internet activity
Imperva’s 8th Annual Bad Bot Report found that bot traffic accounted for every four out of five (40%) web requests. More than a quarter (25.6%) of all internet traffic originated from malicious bots, a 6.2% increase from 2019. Comparatively, good bots accounted for 15.2% of internet traffic, a 16% increase from the previous year.
Although human traffic remained the main source of website traffic at 59.2%, it fell by 5.7% from 2019.
Grinch bots made millions by exploiting the COVID-19 pandemic and the gaming industry
The report found that malicious scalper bots exploited the pandemic by hoarding commodities like masks, sanitizers, PPEs, and home workout equipment at the beginning of the pandemic.
Scalpers also profiteered from the gaming industry by hoarding gaming hardware. They bought large volumes of new gaming equipment, thus artificially inflating demand before selling them at exorbitant prices.
The researchers found a 788% increase in automated traffic on retail websites between September and October 2020.
Bad bots could interfere with vaccine rollout
Malicious bots swarmed COVID-19 vaccine registration sites, thus frustrating human users.
There was also a 372% increase in automated traffic on healthcare websites from September 2020. When COVID-19 vaccines became widely available, Imperva experienced up to 25,000 automated requests per hour.
Malicious bots actively targeting mobile platforms
The report found that bad bots disguised themselves as mobile browsers in 2020. This was more than a 100% increase of mobile bad bots from 12.9% to 28.1% in 2019.
Chrome remained the primary source of bad bot traffic, while other browsers, including Mobile Safari, Mobile Chrome accounted for 28.1% of bad bot traffic.
Bad bots responsible for credential stuffing ATO cyber attacks
Imperva found that bad bots were used to steal account information and logging into various compromised accounts such as Facebook and LinkedIn.
More than a third (34%) of all login attempts originated from bad bot traffic. Credential stuffing attacks using stolen details were also conducted using automated malicious scripts.
Bat bots were also responsible for scraping proprietary data, which remains a controversial topic. Other malicious activity includes credit card fraud, denial of service attacks, and denial of inventory.
Telecoms and ISPs were the preferred targets for bad bots
Telecoms and Internet Service Providers (ISPs) were mostly targeted (45.7%) by bad bots.
The computing and IT industry experienced 41.1% of bad bot traffic, while sports, news, and business services experienced 33.7,33, and 29.7% of bad bot traffic, respectively.
The travel industry experienced the highest level of sophisticated bad bot traffic (59.7%), followed by government, 15.3%, retail, 13.5%, financial services, 11%, and food and beverage at 8.6%.
Advanced Persistent Bots were the major source of bot traffic
Imperva researchers found that Advanced Persistent Bots (APBs) contributed to 57.1% of all bad bot traffic, compared to 42.9% for simple bots.
Additionally, APBs employed various defense mechanisms such as mimicking human behavior, cycling through IP addresses, using proxies, and changing their identities, thus becoming harder to detect.
These bots are responsible for high-speed abuse, misuse, and attacks on websites, mobile apps, and APIs, the report found.
Bad bots originate from targeted countries
Imperva’s report found that bad bots originated from the countries they targeted. More than a third (37.2%) of all bad bots targeted the United States, China (8.3%), and the United Kingdom (6.9%).
Additionally, the threat actors launched the bad bots from the target countries, making it harder to defend. The United States also hosted the largest share (40.5%) of malicious automated scripts.
Website owners must therefore implement automated script blocking mechanisms such as captchas and user registration requirements.
Although these measures would hardly eliminate the bad bot problem, they slow down automated script activity on the affected websites.