Once used primarily by search engines, automated bots now account for nearly two-thirds of all internet traffic. This is according to new research by Barracuda, a trusted partner and leading provider of cloud-enabled security solutions, which found that bad bots – which carry out a range of malicious activities including web and price scraping, inventory hoarding, account takeover attacks, distributed denial of service (DDoS) attacks, and more – now account for a staggering 40% of all internet traffic.
“While some bots like search engine crawlers are good, our research shows that a much larger number of bots are dedicated to carrying out malicious activities at scale,” said Nitzan Miron, VP of Product Management, Application Security, Barracuda. “When left unchecked, these bad bots can have serious consequences for businesses and ultimately lead to a breach. That’s why it’s critically important to be prepared to detect and block these attacks.”
Over the last year, owing to lockdowns and a growing emphasis by organisations on offering digital services, consumer’s utilisation of online shopping and other online services has skyrocketed. Attackers have been quick to attempt to exploit this popularity and Barracuda’s researcher found that eCommerce applications and login portals are now most targeted by advanced persistent bots.
While the internet activity of bad bots now exceeds that of humans, attackers have been developing these automated programs in a manner that mimics human activity. Most notably, Barracuda’s research found that bad bot behaviour peaks during work hours, closely mirroring trends in human internet utilisation. This is in sharp contrast to good bots that aren’t trying to circumvent security defences and therefore maintain traffic rates that are fairly constant throughout the day.
Though the rise of the public cloud has had an undeniably positive impact, it has also empowered cybercriminals. Barracuda’s research shows that most bot traffics now comes for the two large public cloud providers – AWS and Microsoft Azure – in roughly equal measure.