Bad bot cyber attacks increase in number and sophistication

Register now

The sophistication of bot attacks continues to evolve, as advanced attackers learn to adapt their techniques in order to invalidate existing defense tactics, according to a new report from Distil Networks, a provider of bot mitigation technology.

The study, “Bad Bot Report 2019: The Bot Arms Race Continues,” examines hundreds of billions of bad bot requests from 2018 over thousands of domains, to provide insight into the daily automated attacks that wreak havoc on Web sites, mobile apps and application programming interfaces (APIs).

Bad bots are used by hackers, cyber criminals, and others and are the key culprits behind account takeovers or hijacking, Web scraping, brute-force attacks, competitive data mining, transaction fraud, data theft, spam, and digital ad fraud, the report said.

In 2018, bad bots accounted for one in five Web site requests (accounting for 20 percent of Web traffic). Good bots decreased slightly to make up 18 percent of traffic.

About three quarters of bad bots (74 percent) are classified as advanced persistent bots (APBs), which are characterized by their ability to cycle through random IP addresses, enter through anonymous proxies, change their identities. and mimic human behavior.

Amazon is the leading ISP for originating bad bot traffic, according to the report. In 2018, 18 percent of bad bot traffic originated from Amazon, compared with 11 percent the previous year.

Despite the fact that 53 percent of bot traffic originates from the United States, Russia and Ukraine combined make up nearly half (48 percent) of country-specific IP block requests.

For reprint and licensing requests for this article, click here.