Bot attacks are a serious threat to the security and performance of websites, mobile apps, and APIs. They can be used to steal data, hijack accounts, disrupt services, or manipulate online markets. According to a recent report by Imperva¹, a cybersecurity company that specializes in bot mitigation, most of the bot attacks originate from China and Russia.
The report, titled “Bad Bot Report 2021: The Pandemic of the Internet”, analyzed over 40 billion requests from 1,900 domains across various industries and regions. It found that 25.6% of all website traffic in 2020 was generated by bad bots, which are malicious programs that impersonate human users. This means that one in every four requests was from a bad bot, and not a real person.
China was the top source of bad bot attacks, accounting for 26.6% of the global share. Russia was the second, with 10.5%, followed by the United States, with 8.2%. The top 10 countries responsible for bad bot traffic were:
- China: 26.6%
- Russia: 10.5%
- United States: 8.2%
- Brazil: 4.9%
- India: 4.7%
- Indonesia: 3.7%
- Ukraine: 3.6%
- Vietnam: 3.4%
- Germany: 2.9%
- South Korea: 2.8%
Bad bots often target the same country they originate from. For example, 79.7% of bad bot traffic in China was directed at Chinese websites, and 74.3% of bad bot traffic in Russia was aimed at Russian websites. This suggests that bad bots are used for domestic purposes, such as competitive intelligence, fraud, or political manipulation.
Bad bots can be classified into four categories, based on their level of sophistication and persistence. They are:
- Simple bots: These are the easiest to detect and block, as they use basic scripts and do not attempt to hide their identity or behavior. They accounted for 18.9% of bad bot traffic in 2020.
- Moderate bots: These are more advanced than simple bots, as they use headless browsers or other tools to execute JavaScript and load cookies. They also use proxy servers or VPNs to mask their IP address. They accounted for 23.9% of bad bot traffic in 2020.
- Sophisticated bots: These are the most challenging to identify and stop, as they use advanced techniques to mimic human behavior and evade detection. They can rotate IP addresses, spoof browsers, use residential proxies, or employ machine learning. They accounted for 34.4% of bad bot traffic in 2020.
- Advanced persistent bots (APBs): These are the most persistent and aggressive type of bad bots, as they can switch between the other three categories depending on the situation. They can also use multiple attack vectors, such as web, mobile, or API. They accounted for 22.8% of bad bot traffic in 2020.
Telecom and ISPs, computing and IT, sports, news, and business services were the most affected by bad bot traffic, with more than 30% of their website traffic coming from bad bots. The least affected were travel, education, and healthcare, with less than 10% of their website traffic coming from bad bots.
Bad bots pose a serious threat to the security, privacy, and integrity of online users and businesses. It recommended that website owners and operators should implement effective bot mitigation solutions, such as firewalls, CAPTCHAs, rate limiting, behavioral analysis, or device fingerprinting. It also advised that website owners and operators should monitor their website traffic and activity, and report any suspicious or malicious bot activity to the relevant authorities.
Bot attacks are not only a nuisance, but also a potential danger, as they can compromise the security and performance of websites, mobile apps, and APIs, and expose users and businesses to various risks, such as data breaches, account takeovers, service disruptions, or market distortions.
Website owners and operators should take proactive measures to detect and prevent bot attacks, and adopt best practices to protect their online assets and users. However, bot mitigation is not a one-size-fits-all solution, and that different websites, mobile apps, and APIs may require different approaches and techniques, depending on their specific needs and goals. Website owners and operators should conduct a thorough assessment of their online environment, and tailor their bot mitigation strategy accordingly.
Bot mitigation is not a one-time task, but a continuous process, as bot attacks are constantly evolving and adapting to new technologies and defenses. We recommend that website owners and operators should regularly update and review their bot mitigation solutions, and keep abreast of the latest trends and developments in bot attacks and bot mitigation. By doing so, they can ensure that their online environment is secure, reliable, and resilient against bot attacks.