Which country is better for computer technology

The internet pandemic: Imperva® Research Labs reports record bot traffic for 2020

  • 40.8% of internet traffic in 2020 was non-human
  • Malicious bot traffic has increased 6.2% and now accounts for more than a quarter of all website requests
  • Bots disguised as mobile browser users rose to 28.1% from 12.9% in 2019

SAN MATEO, California, April 13, 2021 (GLOBE NEWSWIRE) - Imperva, Inc., (@Imperva), the leading cybersecurity company whose stated goal is the protection of data and data access routes, publishes the Imperva Bad Bot Report 2021. The eighth edition of the annual report offers an in-depth global analysis of bot traffic in all industries. Recorded last year Imperva Research Labs the highest percentage of malicious bot traffic (25.6%) since the first report in 2014, while traffic from humans decreased by 5.7%. More than 40% of all web traffic requests in the past year came from a bot, which indicates the growing volume and far-reaching impact of bots in everyday life.

Advanced persistent bots made up the majority of malicious bots' traffic last year at 57.1%. These bots are responsible for high-speed attacks and the abusive use of websites, mobile apps and APIs at tremendous speed. They can mimic human behavior very closely and are also harder to spot and stop. This presents a unique challenge for companies looking to minimize downtime, reduce bandwidth consumption, and improve the experience of legitimate human customers. Additionally, these types of bots are wreaking havoc on businesses through price scraping, content scraping, account creation, account takeover, fraud, denial-of-service, and denial-of-inventory.

In 2020, the largest share of total bot traffic (45.7%) was from telecommunications and Internet service providers (ISPs). This was often due to the involvement of bots in account takeovers or price scraping. At the same time, the travel industry saw the largest share of traffic from sophisticated malicious bots (59.7%). Government websites also saw an increase. Bots were involved in account takeovers, data scraping from lists with company registrations and voter registration.

Further information from the Imperva Bad Bot Report 2021:

  • Bots target websites for scheduling appointments for COVID-19 vaccinations: Imperva Research Labs saw malicious bot traffic on healthcare websites increase by 372% from September 2020 to February 2021 recorded. As vaccines became available to more age groups recently, Imperva Research Labs saw bot activity at up to 25,000 requests per hour. Bots have been able to disrupt the supply chain of health systems, pharmacies, and retailers involved in vaccine rollouts by corrupting networks and making it difficult for legitimate users to access scheduling services.
  • Scalper bots took advantage of the global pandemic: In 2020, scalper bots were used for hoarding goods. Earlier in the year, bots were used to hoard large stocks of face masks, disinfectants, detergents, home exercise equipment, and more.
  • Bot focus on mobile browsers: The percentage of malicious bots acting as mobile browsers rose to 28.1% last year, up from 12.9% in 2019. Imperva Research Labs has also seen continued growth in the number of attacks launched by mobile ISPs for 2020 started; a trend that continued for the fourth year in a row. This shows that bots are evolving their methods to better mimic human behavior.
  • Bots Involved in Account Takeover Fraud: Companies with a login page on their website are constantly being attacked by credential stuffing and credential cracking. 34% of all login attempts in 2020 were from malicious bots. This is particularly a major problem in industries such as computing and IT, travel, retail, financial services, entertainment, telecommunications and the Internet, and healthcare.
  • Grinch bots made millions hoarding gaming hardware: Towards the end of 2020 at Christmas time, scalpers hit the gaming hardware market. Imperva Research Labs found that malicious bot traffic on retail websites increased 788% globally between September and October 2020. The timing is no coincidence and perfectly matched to the release dates of the new game consoles. The result was that many gamers were frustrated because game consoles, GPU or CPU devices could practically no longer be bought online while bots hoarded the goods and resold them for profit.
  • Even good bots pose a threat: The percentage of good bot traffic reached 15.2% in 2020 compared to 13.1% in 2019. When a website is inundated with bot traffic of any kind, it slows web performance and legitimate users will be able to access the required information or services difficult. Good bots can also skew web analytics reports, making some pages appear more popular than they are, which in turn leads to lower performance for advertisers.
  • The US is both the most attacked nation and the most common source of malicious bots: For the seventh year in a row, the United States was the nation most targeted by malicious bots (37.2%), followed by China (8.3%) and the United Kingdom (6.9%). Interestingly enough, malicious bots were often launched from the country they were targeting. The US is the country where the most malicious bots are hosted (40.5%).

“As we've seen over the past eight years, malicious bots continue to be a big problem on the Internet. At the same time, the attacks are becoming more advanced and sophisticated, ”said Edward Roberts, Director of Strategy, Application Security at Imperva. “Over the past year, even during a global pandemic, malicious bots have hit new markets with great success. The end users are now also feeling the effects. The gaming hardware industry's Grinch Bot glitches in late 2020 is an example of what happens when bots go undetected and cause denial of inventory. For businesses and security professionals, malicious bots should be a top priority in 2021 as this problem is expected to continue to grow. Businesses need to take proactive steps to protect their websites, applications and APIs from these threats as bots are increasingly used for fraudulent activities that can lead to reputational and financial damage. "

Additional Information

About Imperva
Imperva is a leading cybersecurity company whose stated goal is the protection of data and data access routes. Customers around the world trust Imperva to protect their applications, data and websites from cyberattacks. With an integrated approach that combines edge, application security and data security, Imperva protects companies in all phases of their digital development. Imperva Research Labs and our global intelligence community enable Imperva to stay one step ahead of the threat landscape and to seamlessly integrate the latest security, privacy and compliance insights into our solutions.