Apparently, North America’s data centers and two major highly accessible public clouds are being used by cybercriminals to launch threats.
Over the past few years automated bot traffic has significantly increased, making up nearly two-thirds of internet traffic. Originally used by search engines and benign purposes, bot technology has since been adapted for malicious activities as well.
Good bots carry out useful tasks for crawling websites and social networks, whereas bad bots or are often used for hacking, spamming, spying and compromising websites. Some bad bots even masquerade as good bots such as vulnerability scanners!
In analyzing internet traffic patterns in its user ecosystems over the first six months of 2021, one cybersecurity firm has released a trend report about bot attacks. It appears that bad bot activity in its study—data theft, inventory hoarding, account takeover, DDoS and advanced persistent threat—are double that of normal bot activity.
About 67% of the bad bot traffic in the study came from North America (mostly from data centers), and mostly from AWS and Azure public clouds, according to Barracuda, which conducted the research. Europe accounted for 22%, followed by Asia at 8%.
The most common targets of advanced persistent bots in the study were e-commerce apps and login portals. As the bots closely imitate human behavior, they are harder to detect. Although automation allows the bots to operate around the clock, the study showed that their operators typically follow a normal workday to blend into other network traffic.
According to the firm’s spokesperson Nitzan Miron: “While some bots are good, our research shows that a much larger number of bots are dedicated to carrying out malicious activities at scale. When left unchecked, these bad bots can have serious consequences for businesses and ultimately lead to a breach. That’s why it’s critically important to be prepared to detect and block these attacks.”
Anti-bot protection and web application firewalls are common tools for defense against bot activity.