Story image

Malicious 'bad bots' account for more web traffic than ever before

28 Mar 18

‘Good bots’ and ‘bad bots’ are accounting for more web traffic than ever before – but the bad bots are going mainstream.

That’s according to Distil Networks, which released its Bad Bot Report 2018 this week. Amongst hundreds of billions of bad bot requests are potentially malicious activities controlled by competitors, hackers and fraudsters.

Bots are also used to conduct brute force attacks, account hijacks, competitive data mining, data theft, digital ad fraud, downtime, and online fraud.

According to Gartner, bots are also used for credential stuffing and scalping.

“The rise of more sophisticated bots in recent years therefore requires greater sophistication in detection and response,” the analyst firm says.

Distil Research Lab experts say that this year bots have dominated public conversation, particularly in the United States as the FBI continues to investigate possible Russian tampering of the 2016 US presidential election.

“Yet, as awareness grows, bot traffic and sophistication continue to escalate at an alarming rate. Despite bad bot awareness being at an all-time high, this year’s Bad Bot Report illustrates that no industry is immune to automated threats and constant vigilance is required in order to thwart attacks of this kind,” comments Distil Networks CEO Tiffany Olson Jones.

Here are some of Distil Networks' bad bot findings:

- In 2017, bad bots accounted for 21.8% of all website traffic, a 9.5% increase over the previous year. Good bots increased by 8.7% to make up 20.4% of all website traffic.

- For the first time, Russia became the most blocked country, with 20.7% of companies implementing country-specific IP block requests. Last year's leader, China, dropped down to sixth place with 8.3%.

- Gambling companies and airlines suffer from higher proportions of bad bot traffic than other industries, with 53.1% and 43.9% of traffic coming from bad bots, respectively. Ecommerce, healthcare and ticketing websites suffer from highly sophisticated bots, which are difficult to detect.

- 83.2% of bad bots report their user agent as web browsers Chrome, Firefox, Safari or Internet Explorer. 10.4% claim to come from mobile browsers such as Safari Mobile, Android or Opera.

- 82.7% of bad bot traffic emanated from data centres in 2017, compared to 60.1% in 2016. The availability and low cost of cloud computing explains the dominance of data centre use.

- 74% of bad bot traffic is made up of moderate or sophisticated bots, which evade detection by distributing their attacks over multiple IP addresses, or simulating human behaviour such as mouse movements and mobile swipes.

- Account takeover attacks occur 2-3 times per month on the average website, but immediately following a breach, they are 3x more frequent, as bot operators know that people re-use the same credentials across multiple websites.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.