Saturday, May 4, 2024

Vogon Today

Selected News from the Galaxy

StartMag

This is how bots are becoming popular on the Internet. Thales report

3 weeks ago babelfish

This is how bots are becoming popular on the Internet. Thales report

Nearly half of all internet traffic in 2023 will come from bots, while traffic from human users is just over 50%. And bots will soon surpass the share of Internet traffic that comes from humans. All the details of the Thales study

One in two online users is a bot.

Nearly half (49.6%) of all internet traffic in 2023 comes from bots, while traffic from human users is just over 50% (50.4%). This is what emerges from the Imperva Bad Bot Report 2024, a global analysis of automated bot traffic on the Internet published today by the French defense and aerospace group Thales.

This is the highest level since the group began monitoring traffic in 2013, a statement said.

Malicious bots represent one of the most pervasive and growing threats that every industry faces, such as web scraping (data extraction from a website), account compromise and takeover, spam, etc. that affect online services and require companies large investments.

All the details.

BOTS ARE GROWING ON THE INTERNET

For the fifth consecutive year, the percentage of web traffic associated with malicious bots grew to 32% in 2023, compared to 30.2% in 2022, while traffic from human users fell to 50.4%. Automated traffic costs organizations billions of dollars per year due to attacks on websites and apps.

THE COUNTRIES MOST DENSELY POPULATED BY BOTS

The global average of bad bot traffic has reached 32%: Ireland (71%), Germany (67.5%) and Mexico (42.8%) recorded the highest levels of bad bot traffic in 2023. Also the United States saw a slightly higher ratio of malicious bot traffic at 35.4% compared to 2022 (32.1%).

THE PUSH FROM AI

The growing use of generative AI is linked to the rise of simple bots: the rapid adoption of generative AI and large language models (LLMs) has led the volume of simple bots to increase to 39.6% in 2023, compared to 33.4% in 2022. The technology uses web scraping bots and automated crawlers to power training models, while allowing non-technical users to write automated scripts for personal use.

THE RISK FOR COMPANIES

Account takeover is a persistent business risk: Account takeover (ATO) attacks increased 10% in 2023, compared to the same period the previous year. Notably, 44% of all ATO attacks targeted API endpoints, up from 35% in 2022. Of all Internet login attempts, 11% were associated with account takeovers. The industries that experienced the highest volume of ATO attacks in 2023 were financial services (36.8%), travel (11.5%), and business services (8%).

THE MOST AFFECTED SECTORS

According to the report, every sector now has a bot problem: for the second consecutive year, gaming (57.2%) recorded the highest percentage of malicious bot traffic. Meanwhile, retail (24.4%), travel (20.7%) and financial services (15.7%) saw the highest volume of bot attacks. The percentage of advanced malicious bots, those that closely mimic human behavior and evade defenses, was highest on Government (75.8%), Entertainment (70.8%), and Financial Services (67.1%) websites. ).

Furthermore, the study finds, malicious bot traffic coming from residential ISPs grows up to 25.8%: the first malicious bot evasion techniques were based on masquerading as user agents (browser) commonly used by human users. Malicious bots masquerading as mobile user agents accounted for 44.8% of all malicious bot traffic over the past year, up from 28.1% just five years ago. Sophisticated actors combine mobile user agents with the use of residential or mobile ISPs. Residential proxies allow bot operators to evade detection by making the traffic source appear to be a legitimate ISP-assigned residential IP address.

THE THALES LOCATION

“Bots are one of the most pervasive and growing threats facing every industry,” explained Nanhi Singh, General Manager, Application Security at Imperva, a Thales Group company. “From simple web scraping to the creation of malicious accounts, to spam and the inability to use network services, bots negatively impact organizations, affect online services and require large investments in customer support and infrastructure. Organizations must proactively address the threat of malicious bots, as attackers focus on API-related abuse that can lead to account compromise or data exfiltration.”

“Automated bots will soon surpass the share of Internet traffic that comes from humans, changing the way organizations produce and secure websites and applications,” Singh continued. “As more AI-enabled tools are introduced, bots will become ubiquitous. Organizations must invest in bot management and API security tools to manage the threat of automated and malicious traffic."

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/cybersecurity/ecco-come-spopolano-i-bot-in-internet-rapporto-thales/ on Tue, 16 Apr 2024 14:20:46 +0000.