Internet traffic associated with malicious bots now accounts for a third of the total, driving a 10% year-on-year increase in account takeover (ATO) attacks last year, according to Imperva.
The Thales-owned company's 2024 Imperva Bad Bot Report is a detailed analysis of automated bot traffic across the internet.
It revealed that bots - both good and bad - now account for roughly half of all traffic globally, up slightly from the year before.
The share of bad bot traffic grew by roughly the same percentage over the period.
Although on average it accounts for a third of internet traffic, the figure is significantly higher in Ireland, Germany and Mexico.
Thanks to this activity, ATO attempts now account for 11% of all logins, although the figure is significantly higher in financial services.
Imperva also recorded an increase in targeting of API endpoints, which offer a quick and relatively easy way for threat actors to reach sensitive corporate and customer data.
Over two-fifths of all ATO attacks are now aimed at these endpoints, compared to 35% in 2022.
Overall, bots accounted for 30% of all API attacks in 2023, 17% of which were designed to exploit business logic vulnerabilities.
Bad bot traffic originating from residential ISPs surged to 26%, according to Imperva.
The vendor claimed that threat actors are increasingly looking to mimic mobile browsing usage and combine it with residential or mobile ISP traffic to evade detection.
Overall, the gaming sector recorded the largest proportion of bad bot traffic, while retail, travel and financial services experienced the highest volume of bot attacks.
Law and government websites recorded the largest share of advanced bad bots designed to mimic human behavior and evade defenses - followed by the entertainment sector and financial services.
Nanhi Singh, general manager of application security at Imperva, warned that bots fuel a wide range of malicious online activity, including web scraping, ATO, spam, denial of service and data exfiltration.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 16 Apr 2024 18:13:05 +0000