Almost two thirds of all website traffic is now generated by bots, nearly a third of which are malicious, according to new research.
The study by web security firm Incapsula found a 21 per cent growth in total bot traffic since their previous report in March 2012 up to 61.5 per cent of website visitors.
And while the bulk of that growth can be attributed to a 55 per cent increase in visits by good bots, originating from organisations such as search engines, as many as 31 per cent of bots were found to be malicious in nature, such as spam bots, website scrapers that steal content and hacking tools.
The overall percentage of malicious bots is unchanged from the firm’s previous report and there has been a noticeable reduction in spam bot activity, which decreased from 2 per cent in 2012 to 0.5 per cent in 2013, which the firm said was likely to be due to Google’s anti-spam campaign.
But a significant increase in the activity of what the firm terms “other impersonators” – a group which consists of unclassified bots with hostile intentions – of about 8 per cent is a cause for concern.
“The common denominator for this group is that all of its members are trying to assume someone else’s identity,” Incapsula product evangelist Igal Zeifman said in a blog post.
“For example, some of these bots use browser user-agents while others try to pass themselves as search engine bots or agents of other legitimate services. The goal is always the same – to infiltrate their way through the website’s security measures.
“The generalized definition of such non-human agents also reflects on these bots’ origins. Where other malicious bots are agents of known malware with a dedicated developer, GUI, ‘brand’ name and patch history, these ‘impersonators’ are custom-made bots, usually crafted for a very specific malicious activity.”
According to Zeifman these bots are the tools of “top-tier hackers” who are proficient enough to create their own malware.
“In terms of their functionality and capabilities, such 'impersonators' usually represent a higher-tier in the bot hierarchy. These can be automated spy bots, human-like DDoS agents or a Trojan-activated barebones browser,” he said.
“The 8 per cent increase in the number of such bots highlights the increased activity of such hackers, as well as the rise in targeted cyber-attacks. This is also reflective of the latest trends in DDoS attacks, which are evolving from volumetric Layer 3-4 attacks to much more sophisticated and dangerous Layer 7 multi-vector threats.”