All bad bots interact with applications in the same way a legitimate user would, making them harder to detect and block. They enable high-speed abuse, misuse, and attacks on your websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to perform a wide array of malicious activities.
Such activities include web scraping, competitive data mining, personal and financial data harvesting, brute-force login, digital ad fraud, denial of service, denial of inventory, spam, transaction fraud, and more.
Imperva’s 2021 Bad Bot Report reported that bad bot traffic has maintained its upwards trend, amounting to 25.6 percent of all traffic, a new record. Not all bad bots are created equal, however.
Imperva created an industry-standard system that classifies the sophistication level of the four bad bot types. Their profiles are explained in the graphic below:
Download a PDF of this image here.
Imperva’s Bad Bot Report revealed that advanced persistent bots (APBs) represented the majority of bad bot traffic in 2020. Advanced persistent bots accounted for 57.1 percent of all 2020 bad bot traffic. APBs, sometimes known as “low and slow” bots, carry out significant attacks using fewer requests and can even delay requests, all the while staying below request rate limits. This method reduces the “noise” generated by many bad bot campaigns.
What can enterprises do about advanced persistent bots?
It is important to monitor for failed login attempts. First, define your failed login attempt baseline, then monitor for anomalies or spikes. Set up alerts so you’re automatically notified if any occur. Advanced “low and slow” attacks don’t trigger user or session-level alerts, so be sure to set global thresholds.
The bot problem is an arms race. Bad actors are working hard every day to attack websites across the globe. The tools used constantly evolve, traffic patterns and sources shift, and advanced bots can even mimic human behavior. Hackers who use bots to target your site are distributed around the world, and their incentives are high. In early bot attack days, you could protect your site with a few tweaks; Imperva’s 2021 Bad Bot Report shows that those days are long gone. Today, it’s almost impossible to keep up with all of the threats on your own. Industry analysts agree, which is why Gartner has added bot defense as a core requirement for WAF and CDN vendors. Your defenses need to evolve as fast as the threats, and to do that you need dedicated support from a team of experts.
Get your free copy of Imperva’s 2021 Bad Bot Report here.
Get the latest from imperva
The latest news from our experts in the fast-changing world of application, data, and edge security.