One cybersecurity firm’s data from 2023 to 2024 seems to be pointing to this emergent trend…
In analyzing bot-related traffic and activity targeting its web applications and application programming interfaces between September 2023 and August 2024, one cybersecurity firm has identified several trends in bot attacks.
First, 49% of bots in the data were identified as “advanced bots”, most of which were malicious and designed to mimic human behavior and handle complex online interactions such as engaging with targets in account takeover attacks. In the period of analysis, the advanced bots were more sophisticated and human-like, presumably to boost success rates in account takeovers and other automated attacks.
Second, the proportion of bad bot traffic in the firm’s ecosystem during the analysis period showed a decline, having dropped from 39% in 2021 data to 24% in 2024 data. The data also showed that the proportion of individual bad bots had risen from 36% to 44% of detected clients in the same period.
Other findings
Third, a new category of bots had emerged: AI bots that could be classified as “grey bots” because they were not overtly malicious, but their approach can be questionable — blurring the boundary of legitimate activity.
According to Tushar Richabadas, Principal Product Manager, Barracuda, the firm announcing its data findings: “Bad bots are bad news for business. They can steal data, commit fraud, exploit vulnerabilities, overload websites with traffic, spread spam, skew business analytics, disrupt services for legitimate customers, and more. We also see an emerging category of ‘grey bots’: AI bots designed to extract or scrape large volumes of data from websites.”
While Richabadas was happy that the proportion of bad bots in his clients’ internet traffic has declined, he added: “our deeper analysis shows that the range of bad bots has risen over the last 12 months and many of these are advanced bots.”
The firm has recommended that organizations tackle bot attacks with a multilayered approach, including robust application security with proper configuration, specialized bot protection to block advanced attacks, and machine learning and multifactor authentication to detect human-like bots and prevent credential stuffing.