A study by cyber security provider Imperva warns that automated threats pose a growing risk to businesses.
In an analysis, Imperva examined the volume of bots on the Internet over the past ten years. In 2022, 68.6 percent of all Internet traffic in Germany came from bots, a significant increase over the previous year (39.6 percent). The share of traffic generated by human users was 25.2 percent, a rapid decline from 2021 (57.4 percent). In terms of the sophistication of bots, Germany is exactly in line with the global average at 51.2 percent.
Malicious but mostly simple bots primarily in the financial sector
In Germany, the financial sector, consulting firms and the education sector stand out particularly when it comes to the proportion of malicious bots (bad bots). This is highest in each case, at 88.7 percent, 76.4 percent and 76.1 percent respectively. However, the bad bots in these sectors are only very sophisticated in consulting services (49.5 percent). In the financial sector, only just under one in ten bots can be classified as highly sophisticated; just under 60 percent are at a technically medium level and over 30 percent are only very rudimentary in their functionality. Similarly, in the education sector, only 8.5 percent are sophisticated, while 43 percent are rudimentary.
When it comes to news channels and news portals, the situation is similar: here, the proportion of bad bots is over 75 percent; however, they can all only be classified as rudimentary – which, however, increases the likelihood of fake news. Conversely, most highly developed and technologically advanced bots are to be found in the retail sector, at just under 52 percent. The proportion of bad bots here is rather low from the outset, at 37 percent, compared to 21 percent of well-intentioned bots and 36 percent of traffic generated by human users.
Germany in first place for bad bot traffic
In an international comparison, the Imperva study notes that the majority of countries have a bad-bot problem. Of the 13 countries examined in the study, seven had more bad bot traffic than the global average of 30.2 percent. Germany ranked first at 68.6 percent, followed by Ireland at 45.1 percent and Singapore (43.1 percent). The USA is also above average at 32.1 percent.
Bad bots are becoming increasingly sophisticated and difficult to detect: According to the report, across all industries, 68.6 percent of all malicious bots in Germany are equipped with advanced technologies. In addition, the number of attacks to take over accounts increased by 155 percent in 2022. Globally, 15 percent of all login attempts across industries turned out to be account takeovers, according to the study. Among those, 35 percent of account takeover attacks in 2022 occurred via a programming interface. When accessed programmatically, attackers can automate their takeover attempts without attracting attention.
Browser settings can mask bad bot behaviour
In addition, the study points out that bad browser settings are not the only factor favoring bad bots: According to the study, one in five malicious bots was introduced to the Internet via the Mobile Safari browser in 2022, compared to 16.1 percent in 2021. Certain privacy settings in browsers can disguise the behavior of bad bots and make it more difficult for companies to detect and stop automated traffic, according to the study.