A new year and a new Bad Bot Report from Imperva. How is it looking? Well, this year, we see an increase in the sophistication level of bad bots compared to last year, with advanced bad bots accounting for 25.9% of all bad bot traffic in 2021, compared to 16.7% in 2020. In addition, evasive bad bots are on the rise, no industry is immune, and Account Takeover attacks are more prevalent than ever.
The good news is that not all bots are Superbad — they go from Simple to Moderate, Advanced, and, Evasive — and we are getting better at finding them.
During our conversation this year, we take a quick look back in time to last year's report to see what some of the changes are. Sadly, the team at Imperva is seeing more of the advanced bots we discussed during this conversation. Unfortunately, their ability to emulate human behavior makes them much more difficult to detect.
What's driving a lot of this rise in bad bots? More and more services are moving online.
We hope you enjoy this Part 1 of 2 conversations as we explore and uncover the consequences of bad bots for our business and society.
About the 2022 Imperva Bad Bot Report
Leveraging data from its global network, Imperva Threat Research investigates the rising volume of automated attacks occurring daily, evading detection while wreaking havoc and committing online fraud. The 9th annual Imperva Bad Bot Report is based on data collected from the Imperva global network throughout 2021. The data is composed of hundreds of billions of blocked bad bot requests, anonymized over thousands of domains. The goal of this report is to provide meaningful information and guidance about the nature and impact of these automated threats.
Bot attacks are often the first indicator of fraudulent activity online, whether it’s validating stolen user credentials and credit card information to later be sold on the dark web, or scraping proprietary data to gain a competitive advantage. Often bots are used to surveil applications and APIs in an attempt to discover vulnerabilities or weak security. Online fraud from automated bot attacks is not only a threat to the business, but it is first and foremost a risk to customers. Bad bot attacks might cause customers to be unable to access their accounts or have sensitive information stolen from them due to successful account takeover fraud.
Bad bots mask themselves and attempt to interact with applications in the same way a legitimate user would, making them harder to detect and block. They enable high-speed abuse, misuse, and attacks on your websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to perform a wide array of malicious activities.
Such activities include web scraping, competitive data mining, personal and financial data harvesting, brute-force login, digital ad fraud, denial of service, denial of inventory, spam, transaction fraud, and more.
Note: This story contains promotional content. Learn more.
Guest
Ryan Windham
VP of Application Security at Imperva [@Imperva]
On Linkedin | https://www.linkedin.com/in/rwindham/
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Imperva Bad Bot Report 2022: https://itspm.ag/impervwurd
Want the Bad Bot 101 Story? Check out the Imperva 2021 Bad Bot Report Podcast Series here: https://www.itspmagazine.com/their-stories/the-good-the-bad-and-the-ugly-the-bad-bot-report-2021-an-imperva-story
Be sure to listen to Part 2 of this conversation here: https://itspmagazine.com/their-stories/how-bots-fake-human-behavior-to-conduct-online-fraud-the-bad-bot-report-2022-part-1-an-imperva-story-with-ryan-windham
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
View all episodes
By Sean Martin, ITSPmagazine
5
33 ratings
A new year and a new Bad Bot Report from Imperva. How is it looking? Well, this year, we see an increase in the sophistication level of bad bots compared to last year, with advanced bad bots accounting for 25.9% of all bad bot traffic in 2021, compared to 16.7% in 2020. In addition, evasive bad bots are on the rise, no industry is immune, and Account Takeover attacks are more prevalent than ever.
The good news is that not all bots are Superbad — they go from Simple to Moderate, Advanced, and, Evasive — and we are getting better at finding them.
During our conversation this year, we take a quick look back in time to last year's report to see what some of the changes are. Sadly, the team at Imperva is seeing more of the advanced bots we discussed during this conversation. Unfortunately, their ability to emulate human behavior makes them much more difficult to detect.
What's driving a lot of this rise in bad bots? More and more services are moving online.
We hope you enjoy this Part 1 of 2 conversations as we explore and uncover the consequences of bad bots for our business and society.
About the 2022 Imperva Bad Bot Report
Leveraging data from its global network, Imperva Threat Research investigates the rising volume of automated attacks occurring daily, evading detection while wreaking havoc and committing online fraud. The 9th annual Imperva Bad Bot Report is based on data collected from the Imperva global network throughout 2021. The data is composed of hundreds of billions of blocked bad bot requests, anonymized over thousands of domains. The goal of this report is to provide meaningful information and guidance about the nature and impact of these automated threats.
Bot attacks are often the first indicator of fraudulent activity online, whether it’s validating stolen user credentials and credit card information to later be sold on the dark web, or scraping proprietary data to gain a competitive advantage. Often bots are used to surveil applications and APIs in an attempt to discover vulnerabilities or weak security. Online fraud from automated bot attacks is not only a threat to the business, but it is first and foremost a risk to customers. Bad bot attacks might cause customers to be unable to access their accounts or have sensitive information stolen from them due to successful account takeover fraud.
Bad bots mask themselves and attempt to interact with applications in the same way a legitimate user would, making them harder to detect and block. They enable high-speed abuse, misuse, and attacks on your websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to perform a wide array of malicious activities.
Such activities include web scraping, competitive data mining, personal and financial data harvesting, brute-force login, digital ad fraud, denial of service, denial of inventory, spam, transaction fraud, and more.
Note: This story contains promotional content. Learn more.
Guest
Ryan Windham
VP of Application Security at Imperva [@Imperva]
On Linkedin | https://www.linkedin.com/in/rwindham/
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Imperva Bad Bot Report 2022: https://itspm.ag/impervwurd
Want the Bad Bot 101 Story? Check out the Imperva 2021 Bad Bot Report Podcast Series here: https://www.itspmagazine.com/their-stories/the-good-the-bad-and-the-ugly-the-bad-bot-report-2021-an-imperva-story
Be sure to listen to Part 2 of this conversation here: https://itspmagazine.com/their-stories/how-bots-fake-human-behavior-to-conduct-online-fraud-the-bad-bot-report-2022-part-1-an-imperva-story-with-ryan-windham
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
90,955 Listeners
373 Listeners
372 Listeners
653 Listeners
1,024 Listeners
418 Listeners
30 Listeners
181 Listeners
189 Listeners
74 Listeners
140 Listeners
5,511 Listeners
2 Listeners
44 Listeners
22 Listeners
4 Listeners
0 Listeners
5 Listeners