New Barracuda Study: Spike in bot traffic. Malicious bots make up 40 percent of all Internet traffic.
Cloud security specialist Barracuda analyzed bot traffic patterns in the first half of 2021 and found that automated attacks had increased dramatically. The pattern of these attacks and what exactly the bot behavior looks like has now been published by the company in its report Bot attacks: Top Threats and Trends - Insights into the growing number of automated attacks. The report also breaks down live examples and explains measures and technologies that can be used to ward off this type of attack.
Automated bot traffic increases
Automated bot traffic has increased significantly in recent years. Once mainly used by search engines, bots now have many uses - good, but unfortunately, increasingly, also bad. The benign bots are mainly search engine crawlers, bots for social networks, aggregator crawlers or monitoring bots.
Malicious bots range from simple scrapers that try to steal some data from an application (and that are easy to block) to advanced persistent bots that behave in a human-like manner and want to go undetected. These bots target web and price scraping, inventory hoarding, account takeover attacks, distributed denial of service (DDoS) attacks and much more. Malicious bots now make up a significant proportion of all website traffic.
The main findings from the investigation
- Bots make up almost two-thirds of Internet traffic, with malicious bots taking up almost 40 percent of all traffic.
- E-commerce applications and login portals are the most common targets of advanced, persistent bots.
- Slightly more than 22 percent of bad bot traffic comes from Europe (67 percent from North America), with this coming more from hosting services or private IPs.
- Most of the bot traffic comes in roughly equal parts from the two large public clouds, AWS and Microsoft Azure.
- Bad bots follow a standard working day.
"While some bots, such as search engine crawlers, are absolutely necessary and benign, our research shows that a very large number of bots are designed to perform malicious activities on a large scale," said Klaus Gheri, general manager of network security at Barracuda Networks. “If left unchecked, these malicious bots can have dire consequences for businesses. It is therefore important to be prepared for this and to be able to recognize and ward off this type of attack. "
When it comes to protecting against newer attacks such as bots, Gheri continues, IT teams can be overwhelmed by the number of solutions required. The good news, however, is that the solutions can be consolidated into WAF / WAF-as-a-service offerings such as Web Application and API Protection (WAAP).
More at Barracuda.com
Via Barracuda Networks Striving to make the world a safer place, Barracuda believes that every business should have access to cloud-enabled, enterprise-wide security solutions that are easy to purchase, implement and use. Barracuda protects email, networks, data and applications with innovative solutions that grow and adapt as the customer journey progresses. More than 150.000 companies worldwide trust Barracuda to help them focus on growing their business. For more information, visit www.barracuda.com.