Bots now account for nearly half of global internet traffic

According to the latest report research, in 2023, nearly half (49.6%) of Internet traffic will come from robots. This was a 2% increase from the previous year and the highest level reported since automated traffic began monitoring in 2013.

The proportion of network traffic related to malicious bots increased for the fifth consecutive year to 32% in 2023, up from 30.2% in 2022. Meanwhile, traffic from human users dropped to 50.4%. Automated traffic costs organizations billions of dollars every year due to attacks on websites, APIs, and applications.

Bots are one of the most prevalent and growing threats facing every industry. From simple web scraping to malicious account takeovers, spam, and denial of service, bots can negatively impact an organization's bottom line by degrading the quality of online service and requiring more investment in infrastructure and customer support. As attackers focus on API-related abuse that can lead to account compromise or data exfiltration, organizations must proactively respond to the threat of malicious bots.

Key Takeaways

Global malicious bot traffic will average 32% in 2023

2023, Ireland (71%) , Germany (67.5%) and Mexico (42.8%) became the countries with the highest traffic of malicious bots. Compared with 2022 (32.1%), the proportion of malicious robot traffic in the United States has also increased slightly, to 35.4%.

The widespread use of generative AI is linked to the rise of simple bots

In 2023, the rapid adoption of productive AI and large language models (LLMs) will lead to the number of simple bots increasing by 2023 An increase of 39.6% in 2022 (33.4% in 2022). The technology utilizes web scraping bots and automated crawlers to deliver trained models while enabling non-technical users to write automated scripts for their own use.

Account Takeover Attacks Increase

Account takeover (ATO) attacks increased by 10% in 2023 compared to 2022. 44% of these attacks targeted API endpoints, compared with 35% in 2022. 11% of all login attempts on the Internet are related to account takeovers. The industries most attacked by the ATO in 2023 are financial services (36.8%), tourism (11.5%) and business services (8%).

APIs are a common attack vector

In 2023, automated threats will cause 30% of API attacks. 17% of them were malicious bots that exploited business logic vulnerabilities. This refers to flaws in API design and implementation that allow attackers to operate legitimate functionality and gain access to sensitive data or user accounts. Cybercriminals use automated bots to find and exploit APIs, which are a direct route to sensitive data, making them prime targets for business logic abuse.

Every industry has a bot problem

Every industry is worried about bot traffic and attacks. Games (57.2%) accounted for the largest proportion of malicious bot traffic. Retail (24.4%), travel (20.7%) and financial services (15.7%) experienced the highest volume of bot attacks. The highest proportion of advanced malicious bots (those that mimic human behavior and evade defenses) was found on legal and government (75.8%), entertainment (70.8%), and financial services (67.1%) websites.

Improving Security

What steps can enterprises take to better protect their business from these malicious bots? Automated bots will soon exceed the proportion of Internet traffic generated by humans, changing the way organizations build and secure their websites and applications. As more AI-enabled tools become available, bots will become ubiquitous. Therefore, it is recommended that organizations invest in bot management and API security tools to manage threats from malicious automated traffic.

The above is the detailed content of Bots now account for nearly half of global internet traffic. For more information, please follow other related articles on the PHP Chinese website!