Five Key Takeaways from the 2024 Imperva Bad Bot Report

News | 26.04.2024

The Imperva Bad Bot Report 2024 was published to help organizations better understand the challenges associated with automated traffic and the risks of not mitigating it.

Five key takeaways from the Imperva Bad Bot Report 2024:

  1. Malicious automated traffic to increase: Automated traffic makes up almost half of all internet traffic worldwide. Generally speaking, automated traffic comprises two types of automation: good and bad bots. Concerningly, bad bots alone account for nearly a third of all traffic, at 32%, with their volume increasing for the fifth consecutive year. The rise in popularity of Artificial Intelligence (AI) and Large Language Models (LLMs) contributed to the increase in automated traffic in 2023. The technology uses web scraping and crawling to feed training models while commoditizing bots by enabling non-technical users to write scripts.
  2. Generative AI fuels the rise in simple bad bots: The report takes a deeper dive into the anatomy of bad bots by classifying them according to the level of sophistication and the tactics used when attempting (or not) to evade detection. We saw simple bad bot traffic grow from 33.4% of all bad bot traffic in 2022 to 39.6% in 2023. This increase can be attributed to artificial intelligence’s popularity and widespread adoption. Less technical individuals can now write basic bot scripts. These scripts often lack the latest evasion techniques advanced bots use, so they’re classified as simple.
  3. Account Takeover Remains a Persistent Business Risk: Account takeover (ATO) is an attempt at unauthorized access and takeover of user accounts using bots. This is most commonly achieved by performing credential stuffing, which involves testing dumps of leaked user credentials against login pages. Such attacks increased by 10% in 2023, with 44% of all ATO attacks targeting API endpoints. Financial Services, Travel, and Business Services were the industries that saw the highest volume of ATO attacks in 2023.
  4. APIs are a Popular Vector for Attack: Automated threats were responsible for 30% of API attacks in 2023. Cybercriminals increasingly rely on automated bots to discover and exploit APIs, which provide a direct pathway to sensitive data. Organizations depend heavily on APIs to support application modernization. However, APIs increase the attack surface, providing more entry points for automated attacks. Because of their machine-readable nature, APIs are becoming more vulnerable to bad bot attacks, and a lack of visibility into API traffic makes it difficult to detect them. These factors and others have made APIs a high-priority target for bad actors, particularly for bot attacks.
  5. Residential ISPs and Mobile Devices are a Favorite Choice: A quarter of bad bot traffic now originates from residential ISPs. Early bad bot evasion techniques relied on masquerading as a user agent (browser) commonly used by legitimate human users. Nowadays, this has become a more common technique. Sophisticated actors combine this with the use of residential or mobile ISPs. Bot operators can use residential proxies to appear as if traffic is coming from a legitimate ISP-assigned residential IP address, making it more difficult for bot management tools to detect them.

The 2024 Imperva Bad Bot Report underscores the importance and urgency of addressing the threat of bots. As we move into a future where automated traffic will surpass the volume of internet traffic from humans, organizations must invest in effective bot management and API security tools to protect their websites, APIs, and mobile applications from malicious, automated traffic.

Imperva Advanced Bot Protection safeguards websites, mobile apps, and APIs from sophisticated bot attacks without affecting legitimate users while maintaining the flow of business-critical traffic. It prevents bot operators, attackers, unsavory competitors, and fraudsters from abusing, misusing, and attacking your applications and APIs. Advanced Bot Protection embraces a holistic approach, combining a vigilant service, superior technology, and industry expertise to give customers complete visibility and control over their human, good, and bad bot traffic. With granular controls that empower rapid responses to the dynamic bad bot landscape, your organization can adapt as quickly as the threat of bots.

Imperva uses a multilayered detection approach combining state-of-the-art technology and human expertise. This includes hundreds of reputational models, behavioral analysis, advanced proprietary challenges, and machine learning models that are dynamically trained throughout every step. The Imperva Application Security Platform generates shared global intelligence across all Imperva-protected sites, allowing for real-time response to the latest threats.

Softprom – Value Added Distributor of Imperva.