Story image

Malicious 'bad bots' account for more web traffic than ever before

28 Mar 2018

‘Good bots’ and ‘bad bots’ are accounting for more web traffic than ever before – but the bad bots are going mainstream.

That’s according to Distil Networks, which released its Bad Bot Report 2018 this week. Amongst hundreds of billions of bad bot requests are potentially malicious activities controlled by competitors, hackers and fraudsters.

Bots are also used to conduct brute force attacks, account hijacks, competitive data mining, data theft, digital ad fraud, downtime, and online fraud.

According to Gartner, bots are also used for credential stuffing and scalping.

“The rise of more sophisticated bots in recent years therefore requires greater sophistication in detection and response,” the analyst firm says.

Distil Research Lab experts say that this year bots have dominated public conversation, particularly in the United States as the FBI continues to investigate possible Russian tampering of the 2016 US presidential election.

“Yet, as awareness grows, bot traffic and sophistication continue to escalate at an alarming rate. Despite bad bot awareness being at an all-time high, this year’s Bad Bot Report illustrates that no industry is immune to automated threats and constant vigilance is required in order to thwart attacks of this kind,” comments Distil Networks CEO Tiffany Olson Jones.

Here are some of Distil Networks' bad bot findings:

- In 2017, bad bots accounted for 21.8% of all website traffic, a 9.5% increase over the previous year. Good bots increased by 8.7% to make up 20.4% of all website traffic.

- For the first time, Russia became the most blocked country, with 20.7% of companies implementing country-specific IP block requests. Last year's leader, China, dropped down to sixth place with 8.3%.

- Gambling companies and airlines suffer from higher proportions of bad bot traffic than other industries, with 53.1% and 43.9% of traffic coming from bad bots, respectively. Ecommerce, healthcare and ticketing websites suffer from highly sophisticated bots, which are difficult to detect.

- 83.2% of bad bots report their user agent as web browsers Chrome, Firefox, Safari or Internet Explorer. 10.4% claim to come from mobile browsers such as Safari Mobile, Android or Opera.

- 82.7% of bad bot traffic emanated from data centres in 2017, compared to 60.1% in 2016. The availability and low cost of cloud computing explains the dominance of data centre use.

- 74% of bad bot traffic is made up of moderate or sophisticated bots, which evade detection by distributing their attacks over multiple IP addresses, or simulating human behaviour such as mouse movements and mobile swipes.

- Account takeover attacks occur 2-3 times per month on the average website, but immediately following a breach, they are 3x more frequent, as bot operators know that people re-use the same credentials across multiple websites.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.