In the first half of 2021, the volume of traffic from malicious bots increased significantly, leading to an increase in automated attacks on organizations, according to a September report from Barracuda Networks.
According to the report, almost two-thirds (64%) of internet traffic comes from bots, while 39% of traffic comes from the activity of malicious bots.
These quite advanced bots always try to bypass conventional defences and always try to carry out their harmful activities without being detected. Of these, the most common of those detected are those that act on eCommerce applications and on access and login portals to services.
“While some bots like search engine crawlers are good, our research shows that over 60% of bots are dedicated to carrying out malicious activities at scale. When left unchecked, these bad bots can steal data, affect site performance, and even lead to a breach. That’s why it’s critically important to detect and effectively block bot traffic.” — said Nitzan Miron, VP of Product Management, Application Security, Barracuda.
The region with the most malicious bot traffic is North America, accounting for 67% of malicious bot traffic, ahead of Europe (22%) and Asia (8%). According to the report, the majority of harmful traffic is generated in data centres, but in Europe, it is more likely to come from hosting services, specifically VPS and residential IPs.
Bots are usually automated, but malicious bots were designed to work mostly during business hours. This is because the programmers of these bots prefer to hide their activity among the traffic generated normally by humans to avoid suspicion.
The company points out that although some bots are good, many are dedicated to carrying out harmful activities on a large scale, and if they are not controlled and monitored, they can steal data, affect the performance of websites and even cause security breaches.