Websites are losing the fight against bot attacks

The discovery that 95% of advanced bot attacks go undetected points to a weakness in current detection and mitigation strategies. This suggests that while some organizations may have basic defenses, they are ill-equipped to handle more sophisticated attacks, such as those leveraging AI and machine learning to mimic human behavior.

These statistics highlight the need for organizations to prioritize and strengthen their security measures against bot attacks.

65% of websites are unprotected against simple bot attacks

DataDome | 2024 Global Bot Security Report | September 2024

• More than 65% of websites are unprotected against simple bot attacks, and 95% of advanced bot attacks go undetected on websites.
• Researchers found that only 5% of luxury brand websites and 10% of e-commerce websites are fully protected against bad bots, posing a significant risk as the holiday shopping season approaches.
• Only 6% of media websites have robust protection against bots, leaving 94% vulnerable to ad fraud, content scraping, and DDoS attacks.

Keeping up with automated threats is becoming harder

Kasada | 2024 State of Bot Mitigation Report | September 2024

• 98% of organizations attacked by bots in the past year lost revenue as a result.
• Organizations are still allocating a majority of their bot management budget (63%) to ongoing management and remediation vs. the cost of their bot management solution itself (37%).
• 87% of IT/IS specialists say their executive team is concerned about bot attacks and AI-driven fraud.

Adversaries love bots, short-lived IP addresses, out-of-band domains

Fastly | Fastly Threat Insights Report | August 2024

• A significant amount of global internet traffic is attributed to requests generated by automation tools; approximately 36% of traffic originated from bots, while the remaining 64% came from human users.

Web scraping is not just a security or fraud problem

Akamai | Scraping Away Your Bottom Line: How Web Scrapers Impact Ecommerce | June 2024

• Bots compose 42% of overall web traffic, and 65% of these bots are malicious.
• Bots can be used to facilitate new account opening abuse — which, according to recent research, composes up to 50% of fraud losses.

AI is creating a new generation of cyberattacks

Netacea | Cyber security in the age of offensive AI | April 2024

• Only 11% of security leaders see bot attacks as the greatest cyber threat facing their business, below ransomware, phishing, and malware.
• In previous research, Netacea discovered that relentless bot attacks cost businesses 4.3% of their online revenue—for the largest businesses, this was the equivalent of fifty ransomware payouts.

Bots dominate internet activity, account for nearly half of all traffic

Imperva | 2024 Imperva Bad Bot Report | April 2024

• For the fifth consecutive year, the proportion of web traffic associated with bad bots grew to 32% in 2023, up from 30.2% in 2022, while traffic from human users decreased to 50.4%.
• Global average of bad bot traffic reached 32%: Ireland (71%), Germany (67.5%), and Mexico (42.8%), saw the highest levels of bad bot traffic in 2023. The US also saw a slightly higher ratio of bad bot traffic at 35.4% compared to 2022 (32.1%).
• Rapid adoption of GenAI and large language models (LLMs) resulted in the volume of simple bots increasing to 39.6% in 2023, up from 33.4% in 2022.