Around a fifth of all web traffic last year was linked to malicious bot activity, with financial services hit more than any other sector, according to Distil Networks.
The security vendor compiled its 2019 Bad Bot Report from analysis of a global network covering thousands of anonymized domains.
It claimed to have discovered hundreds of billions of “bad bot” requests across this network, enabling large-scale, automated malicious activity including: web scraping, competitive data mining, personal and financial data harvesting, brute-force login and digital ad fraud, spam, transaction fraud and more.
The report revealed 20.4% of traffic to be linked to this kind of activity. Although this was a slight drop from last year, nearly three-quarters (74%) of these bots are classified as “Advanced Persistent Bots” (APBs) which are able “to cycle through random IP addresses, enter through anonymous proxies, change their identities, and mimic human behavior.”
In terms of ISPs, bad bot traffic was most likely to originate from Amazon (18%), while geographically, most traffic originated in the US (53%), according to the report. However Russia and Ukraine accounted for nearly half (48%) of blocking requests from Distil customers, given their notoriety.
Financial services had the highest percentage of malicious bot traffic (42%) thanks mainly to the uptick in credential stuffing designed to access and/or hijack user accounts. Between May and December 2018 Akamai tracked over a billion credential stuffing attempts on financial services firms.
However, ticketing (39%), education (38%) and government sectors (30%) were also badly affected. Government is unusual in that the motivations of attackers in this sector are not solely driven by financial gain, but also election (voter registration account) interference.
“Bot operators and bot defenders are playing an incessant game of cat and mouse, and techniques used today, such as mimicking mouse movements, are more human-like than ever before,” said Tiffany Olson Kleemann, CEO of Distil Networks.
“As sophistication strengthens, so too does the breadth of industries impacted by bad bots. While bot activity on industries like airlines and ticketing are well-documented, no organization — large or small, public or private — is immune. When critical online activity, like voter registration, can be compromised as a result of bad bot activity, it no longer becomes a challenge to tackle tomorrow. Now is the time to understand what bots are capable of and now is the time to act.”