Radware has issued findings from bot research it has conducted this year that show in February 27.7% of traffic on media sites was made up of bad bots and involved automated activity, including scraping. The findings includes detailed graphs of the bot activity and shows a distinct correlations between bad bots and CV-19.
Bots are also being used to drive the infodemic, continuing to be an efficient tool for powers like cybercriminals, nation-state actors, and conspiracy theorists. In February 58.1% of bots on the internet in February could mimic human behaviour. They disguise their identity and create fake accounts on social media sites to post their masters' propaganda as a genuine user. With such advanced bots, spreading disinformation becomes easy for countries such as Russia.
The WHO has already warned nations to manage fake news because the impact of information — true or false — especially in times of fear, uncertainty and confusion is greater. And the EU’s European External Action Service has wanted about Russia’s aggressive exploitation of the novel virus to push disinformation and weaken western society using bots. We expect the US Presidential Elections will be increasingly targeted over the coming months.
31.3% of e-commerce traffic was from bad bots making it the second most targeted industry by bad bots in February. The sector witnessed an unexpected surge in bad bot traffic after the rise of coronavirus pandemic. In particular sites selling masks or sanitiser were hit hard – see charts in the report. These automated attacks are aimed at performing denial of inventory attacks, hoarding these essential products to sell in black markets, or even scraping product details to list similar products on malware-ridden sites to scam people.
Phishing in relation to CV-19 is rising as a result of fear and in the UK alone, coronavirus scams costed victims over £800,000 (the equivalent of nearly USD 1M) in one month (February 2020 – source National Fraud Intelligence Bureau).
Radware has issued a more detailed report ‘The Big Bad Bot Problem’ on the 2019 bot landscape and 2020 threats. Key findings:
- In 2019, overall bot traffic grew by 10% year over year, of which the bad bot traffic grew by 26%.
- Sophisticated bots that can mimic human behaviour and deceive conventional security measures increased 18% and now account for 45% of the bad bot traffic.
- Automated attacks on mobile phones and APIs are rising. Bad bot traffic accounted for 15.4% of total traffic on mobile devices and 16.6% of total traffic.
- e-commerce is the industry that is most targeted by bad bots, followed by travel.
- The use of bad bots to disseminate misinformation is likely to increase in 2020 in response to events such as elections and the COVID-19 pandemic.
- The increase in automated attacks on APIs is expected to intensify as more APIs are deployed to facilitate communication between web applications.