In 2023, the digital landscape saw an unprecedented surge in bot traffic, accounting for nearly half (49.6%) of all global Internet traffic, according to Thales’ 2024 Imperva Bad Bot Report. This represents a 2% increase from the previous year, reaching the highest level recorded since automated traffic monitoring began in 2013.
Evolving Threat of Malicious Bots
The percentage of harmful bot activity has steadily increased, marking the fifth year of consecutive growth. By 2023, malicious bots constituted 32% of web traffic, up from 30.2% the year before, per Imperva’s tracking. This increase is contributing to the decline in human-generated web traffic, which fell to 50.4%.
Costly Consequences for Organizations
The proliferation of automated traffic is increasingly costly, as bots launch attacks on websites, APIs, and applications, causing billions in damages annually. Companies are urged to be proactive in combating these threats, especially with attackers targeting APIs, which can lead to data breaches or account compromises.
Global Hotspots and Technological Advances
Ireland, Germany, and Mexico faced the most significant challenges with bad bots, seeing traffic rates of 71%, 67.5%, and 42.8% respectively. In the U.S., bad bots made up 35.4% of web traffic in 2023, a rise from 32.1% in 2022. The rapid integration of generative AI and large language models has increased the use of simpler, yet effective bots, which grew to 39.6% of bot activity, up from 33.4% in the previous year.
Increasing Risks and Industry Impact
Attacks on application protocol interfaces (APIs) were particularly notable, with automated threats causing 30% of API attacks in 2023. Bad bots exploiting business logic flaws made up 17% of these incidents. The gaming industry was the most affected, with 57.2% of its traffic coming from bad bots, followed by the retail sector at 24.4%.
Nanhi Singh, GM at Imperva, a Thales company, warns, “Bots are becoming a major threat to all sectors, from simple data scraping to harmful activities like spam and denial of service. They’re not just a nuisance; they undercut online operations and force businesses to allocate more resources to defense and customer service.”
The Future of Web Security
As bots are poised to surpass human traffic soon, companies must rethink how they secure and operate their digital environments.
By Andrej Kovacevic
Updated on 14th July 2024