Adrian Johnson
TLDR:
- Researchers blocked 6 trillion requests from ‘bad bots’ which accounted for nearly half of internet traffic.
- Imperva’s data shows bad bot activity is on the rise, with bad bots having the upper hand over good bots.
Researchers blocked 6 trillion requests from ‘bad bots’ which accounted for nearly half of internet traffic. Imperva’s 2024 Bad Bot Report data shows that nearly half of internet traffic identified isn’t human, but bots. Bad bot activity is on the rise, with total bot activity peaking in 2014 and growing steadily since then. Bad bots engage in various automated attacks against websites to steal, damage, and defraud. Primary uses of bad bots include price scalping, account takeover, credit card fraud, and denial-of-service attacks.
ATO attacks targeting businesses have increased 10% from 2022 to 2023. Account takeover attacks are favored among bad actors, with the United States being the top target country. Financial services and business services sectors experience the most ATO attacks. APIs are attractive targets for cybercriminals, with automation used in 30% of API attacks. DDoS attacks cost companies on average $6,130 per minute, making them a serious threat to businesses.
Consumers increasingly hold businesses accountable for security issues, with 73% believing businesses are responsible for credential compromises. 3 in 4 consumers would not do business again with brands affected by ATO attacks. To protect against bad bots, businesses can block bad bots using monitoring tools, firewalls, and NGFWs. They can also implement bad bot blocking techniques and eliminate vulnerabilities that bots exploit through password policies, authentication mechanisms, and encrypted password storage.
