Nearly half of all internet traffic is now bots, study reveals
Nearly half of all internet traffic came from bots last year, according to new research.
Figures from cyber security firm Imperva revealed a significant increase in automated and malicious web activity in 2022, with the proportion of human traffic falling to its lowest level in eight years.
The company noted that so-called “bad bots” were at their highest level since it started tracking the trend in 2013.
Bot activity is expected to increase even further this year, the researchers claimed, due to the arrival of generative AI tools like OpenAI’s ChatGPT and Google’s Bard.
“Bots have evolved rapidly since 2013, but with the advent of generative artificial intelligence, the technology will evolve at an even greater, more concerning pace over the next 10 years,” said Karl Triebes, a senior vice president at Imperva.
“Cyber criminals will increase their focus on attacking API endpoints and application business logic with sophisticated automation. As a result, the business disruption and financial impact associated with bad bots will become even more significant in the coming years.”
Bad bot activity can include anything from spam that clogs up email inboxes, to advanced systems that carry out brute force attacks to hack into people’s emails or online accounts.
Some bots even mimic human behaviour in order to avoid being detected by security software.
Another worrying trend noted in the report was the rise of bots used in warfare, with a 145 per cent spike in automated attacks targeting Ukrainian web applications in early 2022.
These were likely designed to disrupt the country’s critical infrastructure, ranging from energy and telecom, to transport and financial sectors.
“Every organisation, regardless of size or industry, should be concerned about the rising volume of bad bots across the internet,” said Triebes.
“Year-over-year, the proportion of bot traffic is growing and the disruptions caused by malicious automation results in tangible business risks – from brand reputation issues to reduced online sales and security risks for web applications, mobile apps, and APIs.”