“Forewarned is forearmed,” goes the old saying. Radware’s annual ‘Big Bad Bot Problem 2020’ report continues our tradition of analyzing bot trends, origins, attack methods, and the targets of bad bot attacks. Our researchers looked at the overall traffic across our global client base to analyze bot behavior and identify trends in automated attacks that are an ever-growing challenge for security professionals and the organizations they protect. The report examines how bots are evolving their attack strategies and which industries they target, and provides recommendations on how those industries can be safeguarded against them.
The Big Bad Bot Problem report was developed to aggregate our findings on bot attacks on our customers’ online properties, along with our data scientists’ analysis, to give you the big picture about automated attacks and how they occur. With this, we aim to provide you with the information you need to mitigate bot threats in your organization and ensure continued growth.
Quantitative data for this report was collected and aggregated over the course of 2019 from organizations using Radware Bot Manager spread over nearly 200 countries. Our bot management team of security consultants, data analysts, and researchers contributed insights gained from frontline experience, including detailed forensic analysis of sophisticated bot behaviors and attack patterns. Our researchers also provided analysis of hundreds of millions of legitimate and malicious bot behaviors, fingerprints, and sources to develop the Big Bad Bot Problem report.
Our research finds that bad bots are continually evolving to be more sophisticated in their capabilities to mimic human behavior and evade conventional security protections. For businesses and other organizations that must confront malicious bot traffic every day, these advances in bot and botnet technologies are warning signs of things to come, given the steadily-growing impact of bad bots. Apart from directly affecting revenues and customer acquisition, malicious bots are also being adapted to attack crucial business applications and steal confidential corporate and user data. Bearing this in mind, application as well as network security solutions must evolve to detect and deter sophisticated bots that can mimic human behavior and outwit conventional security measures.
Across verticals, companies around the world are facing growing numbers of bot attacks on their websites, mobile applications, and APIs. In 2019, our researchers pegged bad bot traffic at 24.5% of total internet traffic, a 20% increase over 2018. The growing prevalence of all bot traffic meant that human traffic on the internet fell from roughly 63% to 53.4%, which is the steepest decline we have seen in recent years.
Figure 1: Internet traffic distribution: 2018 vs. 2019
In the fourth quarter of 2019, when the holiday shopping season was in full swing, we measured bad bot traffic growing further to reach 29.3% of total internet traffic.
Figure 2: Quarterly distribution of internet traffic: 2019
While relatively crude first and second generations of bots declined in number as shown in the figure below, third and fourth-generation bots increased in their overall percentage share. Our 2018 report found that the third and fourth generations of bad bots respectively comprised 22.1% and 16.6% of traffic across our global client base. In contrast, our 2019 report shows that these third and fourth-generation bot traffic figures grew to 27.2% and 18.3%, respectively.
Figure 3: Bad bot sophistication levels: 2018 vs. 2019
These statistics indicate that cybercriminals and fraudsters prefer to use more advanced bots to carry out their activities, as these later generations of bots can evade the basic application and network security systems that still prevail in most corporate infrastructures. Another aspect of bot attacks that should worry security specialists is our finding that mobile applications are increasingly being used to launch attacks. Bot attacks originating from mobile devices are much harder to detect because they generally change IP addresses often, depending on network conditions and users’ locations.
Read our Big Bad Bot Problem 2020 report for a comprehensive presentation on global bot trends, along with insightful predictions and security recommendations from our bot management experts.