In 2023, bots accounted for a staggering 49.6% of all internet traffic, reflecting a 2% increase from the previous year, the most significant recorded since 2013. This highlights the rising trend in bot involvement across digital platforms, which senior executives should consider seriously within their strategic frameworks to secure assets and ensure seamless business operations.

Bad bots specifically made up 32% of this traffic, indicating their presence and the increasing sophistication of automated tools in navigating and exploiting web environments. An upsurge from 30.2% in 2022 points to a key shift towards more autonomous online interactions, possibly escalating the potential for cyber threats.

Traffic generated by humans dipped to 50.4%, showing a decline in organic interactions, which may affect how businesses evaluate traffic data for insights into consumer behavior and preferences.

This emphasizes the need for improved analytics tools that can accurately differentiate between human and bot traffic to maintain the integrity of data-driven business decisions.

The global average of bad bot traffic is holding at 32%, which adds urgency to global standards and solutions aimed at curbing malicious bot activity and suggests that the issue is pervasive rather than confined to specific regions or industries.

Economic and operational impact of bad bots

Financial and operational costs

Automated traffic, predominantly originating from bad bots, places severe financial strain on organizations, costing them billions of dollars each year. Bots target critical online infrastructure such as websites, APIs, and applications, leading to direct consequences such as service disruptions, theft of data, and in some cases, complete operational shutdowns.

Financial repercussions extend beyond immediate losses, impacting infrastructure due to increased load and potentially inflating operational and customer support costs as businesses strive to mitigate and rectify issues caused by such disruptions.

Senior executives must recognize the scale of these costs and consider investments in advanced cybersecurity measures and bot management solutions to safeguard their digital assets and ensure the continuity of their services.

Characteristics and detection challenges

Bad bots have evolved to mimic human online interactions with high accuracy, complicating the detection and mitigation processes.

Their ability to replicate human behavior can deceive even sophisticated detection systems, allowing them to carry out unauthorized activities such as data scraping, account takeovers, and even coordinated large-scale botnet attacks without immediate detection.

Bots can cleverly exploit the business logic of applications—targeting specific functionalities intended for legitimate use—which makes them even harder to detect and block.

For example, they might interact with eCommerce platforms in ways that mimic genuine customer interactions but are actually aimed at extracting pricing data or purchasing limited-stock items for scalping purposes.

Leaders in technology and security within organizations need to prioritize developing and implementing advanced analytical tools that detect the usual patterns of attack and can also understand and flag subtle anomalies in application traffic that could indicate sophisticated bot activities.

Businesses must maintain robust defenses against increasingly cunning cyber threats – building up operational resilience and protecting customer trust.

Industry and regional impact analysis

Gaming industry

The gaming industry experienced the highest proportion of bad bot traffic, at 57.2%. This highlights the attractiveness of gaming platforms to bad actors, who exploit these environments for activities such as cheating, stealing in-game currency, and launching denial-of-service attacks which disrupt services.

Executives in the gaming sector must prioritize robust security measures to mitigate these threats, for a fair and secure gaming experience for legitimate users.

The high engagement levels typical of gaming platforms also make them prime targets for credential stuffing attacks, where stolen account information is used to gain unauthorized access.

Other affected industries

  • Retail: Bad bots account for 24.4% of traffic in the retail sector. Bots typically engage in price scraping, inventory hoarding, and creating buying pressures during limited-stock releases. Retail executives need strategies to differentiate between legitimate customer interactions and bot intrusions to protect their revenue and customer service quality.
  • Travel: Here, 20.7% of traffic is due to bad bots, impacting booking systems and promotional offers, and leading to lost revenue from blocked inventory that appears booked by bots.
  • Financial services: This sector sees 15.7% of its traffic from bad bots but also bears the brunt of some of the most harmful activities, including 36.8% of account takeover attacks. Attacks focus on stealing financial information and funds, demanding a high level of vigilance and advanced security protocols to protect customer assets.

Regional disparities in bot traffic

  • Ireland: With the highest bad bot traffic at 71%, Ireland’s digital space faces severe threats, affecting all sectors from e-commerce to government services. Such high levels necessitate country-specific solutions and increased cooperation between industry stakeholders and regulatory bodies.
  • Germany: Experiencing 67.5% bot traffic, Germany’s substantial digital economy is at greater risk, requiring expert cybersecurity measures and public awareness campaigns.
  • Mexico: At 42.8%, Mexico’s growing digital infrastructure is increasingly targeted by bad bots, highlighting the need for investment in technology that can scale with this growth.
  • United States: An increase to 35.4% from 32.1% in 2022 suggests a trend that could complicate efforts to secure digital transactions and protect data across numerous sectors, reinforcing the need for ongoing adaptation and investment in cutting-edge cybersecurity technologies.

Technological advances and bot evolution

The rise in the use of generative AI and large language models has led to an increase in simple bots, which grew to 39.6% in 2023 from 33.4% in 2022. These technologies facilitate creating bots capable of performing tasks like web scraping and automated script creation, even for individuals without technical expertise.

While these technologies do drive innovation and efficiency in processes like data collection and customer service, their misuse poses complex challenges. They allow malicious actors to quickly generate bots that can scale attacks on systems, requiring advanced defenses that can adapt to evolving threats.

Bots often scrape web data to gather competitive insights or hijack customer interactions, and their evolving complexity means they can bypass traditional detection methods.

As such, businesses must invest in adaptive, intelligent security solutions that can keep pace with technological advancements and protect against the sophisticated strategies employed by these bad bots.

Security threats from API and account takeovers

Account takeover attacks increased 10% in 2023, spotlighting a growing threat in the cybersecurity space, with 44% of these attacks targeting API endpoints. This sharp focus on APIs is due to their central role in integrating and exposing business processes and data.

It’s essential for C-suite executives to understand that APIs, which facilitate interactions between different software intermediaries, have become prime targets for attackers seeking to exploit security gaps for unauthorized access.

To add to this complexity, 11% of all login attempts in 2023 were linked to account takeovers, highlighting the scale at which these threats occur. The sophisticated nature of these breaches often involves bots that are programmed to perform automated login attempts using stolen credentials, raising the stakes for businesses to fortify their authentication processes.

Automated threats were responsible for 30% of API attacks, with 17% involving bad bots that specifically exploit business logic vulnerabilities.

Bots manipulate the intended functionality of APIs to access unauthorized data or disrupt services. The exploitation of business logic vulnerabilities by bad bots reinforces the pressing need for companies to improve their API security frameworks and employ more advanced, context-aware security solutions that can detect and mitigate unusual or malicious API traffic.

Sources and masking of bot traffic

Bad bot traffic originating from residential ISPs accounted for 25.8% of total bot traffic, complicating the challenge of distinguishing between legitimate and malicious requests.

Bots that use residential IP addresses can evade basic IP-based blacklisting techniques, making them harder to detect and block.

Bots masquerading as mobile user agents comprised 44.8% of all bad bot traffic, up from 28.1% just five years ago. This reflects a strategic shift among attackers to leverage the growing use of mobile devices.

Mobile user agents, typically trusted in many security systems, provide a perfect disguise for malicious activities, enabling bots to blend more seamlessly with legitimate traffic. Addressing this challenge requires expert-led, mobile-specific strategies and more sophisticated user behavior analytics.
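The following detection sketch is an added example, not part of the original article. It shows why a per-IP failure threshold misses automated logins with stolen credentials when they are spread across residential addresses behind one mobile user agent, while grouping by client signature catches the pattern. The events, thresholds and the use of the User-Agent string as the signature are constructed assumptions.

```python
from collections import defaultdict

MOBILE_UA = "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) Mobile/15E148"
DESKTOP_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/124.0"

def sample_events():
    """Constructed login events: (ip, user_agent, username, success)."""
    events = []
    # Constructed attack: 40 attempts, one per IP, one per account, same mobile UA.
    for i in range(40):
        events.append((f"198.51.100.{i + 1}", MOBILE_UA, f"victim{i}", i % 20 == 0))
    # Constructed legitimate traffic: a user who mistypes twice, plus clean logins.
    events += [("203.0.113.7", DESKTOP_UA, "alice", False)] * 2
    events += [("203.0.113.7", DESKTOP_UA, "alice", True),
               ("203.0.113.8", DESKTOP_UA, "bob", True),
               ("203.0.113.9", DESKTOP_UA, "carol", True)]
    return events

def per_ip_flags(events, max_failures=5):
    """Classic IP rule: flag any address with max_failures or more failed logins."""
    failures = defaultdict(int)
    for ip, _ua, _user, ok in events:
        if not ok:
            failures[ip] += 1
    return {ip for ip, n in failures.items() if n >= max_failures}

def cluster_flags(events, min_users=20, min_fail_ratio=0.8):
    """Group by client signature (assumption: the User-Agent string) and flag
    clusters that try many distinct accounts and mostly fail."""
    clusters = defaultdict(lambda: {"users": set(), "ips": set(), "total": 0, "failed": 0})
    for ip, ua, user, ok in events:
        c = clusters[ua]
        c["users"].add(user)
        c["ips"].add(ip)
        c["total"] += 1
        c["failed"] += 0 if ok else 1
    flagged = {}
    for ua, c in clusters.items():
        ratio = c["failed"] / c["total"]
        if len(c["users"]) >= min_users and ratio >= min_fail_ratio:
            flagged[ua] = {"users": len(c["users"]), "ips": len(c["ips"]),
                           "fail_ratio": round(ratio, 2)}
    return flagged

if __name__ == "__main__":
    ev = sample_events()
    print("per-IP rule:", per_ip_flags(ev))
    print("cluster rule:", cluster_flags(ev))
```

In production the signature would be richer than a User-Agent string (for example TLS and device attributes), since a popular mobile user agent is shared by many legitimate users.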

Influence of bots on social media and public discourse

During the Chinese ‘spy’ balloon incident, bots played a major role on social media platforms, attempting to manipulate public opinion. Researchers tracked approximately 1.2 million tweets related to the incident, finding that 35% of US-geotagged users and 64% in China exhibited bot-like behaviors.

Bots have the capacity to influence political and public narratives, raising concerns about the integrity of information on social media.

Coordinated attempts to skew public discourse require careful monitoring and analysis capabilities at social media companies, along with collaboration with cybersecurity experts to develop more robust mechanisms to detect and counteract these influences.

Future projections and mitigation strategies

Automated bots are projected to soon surpass the proportion of internet traffic originating from humans, kickstarting an historic shift in the digital ecosystem. These anticipated increases point to the need for continuous evolution in cybersecurity strategies to address the scale and sophistication of bot-related threats.

The rising prevalence of AI tools contributes to the omnipresence of bots, making it essential for organizations to invest in advanced bot management and API security tools.

Strategic investments will help mitigate risks associated with automated traffic and protect the integrity of digital interactions.

Developing a comprehensive bot management strategy, including the deployment of AI-driven security solutions, will be critical for businesses to defend against the increasingly complex landscape of cyber threats.

Tim Boesen

June 6, 2024
