Bot attacks persist as top threat in 2024

Bot attacks doubled in number last year, making it one of the fastest-growing cyber threats.

The number of bot attacks nearly doubled throughout 2023. The end of the year saw the peak of bot activity, with a staggering increase of 32%.

According to the latest report by cybersecurity firm Qrator Labs, December stood out as the most active month of the fourth quarter, accounting for 1.77 billion blocked bot attacks.

According to analysts, the biggest increase in attacks was against the online retail market, which saw almost twice the amount of attacks compared to the previous year. AI bots are the most active in this sector.

“This surge is primarily attributed to the growing interest of bot operators in this sector and the overall uptick in bot activity,” says Victor Zyamzin, the Chief Business Officer at Qrator Labs.

Online retail also experienced record-breaking incidents of bot attack spikes from the second to the fourth quarters. The largest bot attack, totaling 30,527,990 requests, was recorded on December 13th, while the fastest attack occurred on November 3rd, coinciding with the busiest sales period.

At its peak, the attack speed reached 51,200 bot requests, four times higher than the fastest attack recorded in the second quarter, which also occurred in the e-commerce segment.

The most targeted sector remains the betting industry, accounting for 30.9% of all bot requests in the fourth quarter. The pharmaceutical segment showed signs of stabilization after a spike in the third quarter, with bot activity decreasing by 25%.

During the fourth quarter, there was a notable shift in the methods of bot distribution. Compared to the third quarter, the number of web scripts – basic bot requests to web pages – saw a substantial increase of 49.4%. Additionally, complex requests originating from browser bots experienced a notable uptick of 5.6%.

These changes represent a significant departure from previous trends and mark the highest levels observed throughout the entire year of 2023.

Analysts see a significant shift in online activity dynamics during the fourth quarter of the year. Typically, bot activity has been more dominant compared to human-generated requests to web pages. However, during this particular period, the number of requests made by human users to web pages surpassed the volume of bot activity, specifically on mobile APIs.

The number of API requests from bots significantly decreased compared to the third quarter – from 69% to 45%, and in December, it almost halved compared to September.

AI bots, like OpenAI’s website crawling tool GPTbot, are primarily interested in web content. This shift provides a notable increase in script and browser bots on the web.

“The drop in interest from bot operators in attacking mobile APIs could be the start of a new trend, but we’ll have to wait until 2024 to be sure. What is clear for now is that we’ll probably see more bot attacks this year,” points out Zyamzin.

More from Cybernews:

The $100 cybersecurity budget – how cyber pros would spend it

Russian-state hackers escalate Microsoft email breach, CISA warns

Cybergang attack Germany using AI-generated code

Apple warns of 'mercenary spyware attack'

LockBit bungles attempt to rebrand as DarkVault

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked