eCommerceNews Australia - Technology news for digital commerce decision-makers
Australia
Guides
#
commerce systems
#
customer data platforms
#
data analytics
#
marketing technologies
#
payment technologies
Search
Story image
#
AI
#
Cybersecurity
#
Online security

Bad bot evolution: AI bots challenge online security measures

Today
Author image
By Melania Watson, Interview Editor

Barracuda researchers have uncovered that bad bots are evolving to become more sophisticated and human-like, boosting their success rates in account takeovers and other automated attacks.

In their recent findings, it was noted that a new category of AI bots, potentially termed "grey bots," is blurring the line of legitimate activity. These bots have combined advanced machine learning capabilities with more traditional automated functionalities, posing a challenge to distinguishing them from human users.

The investigation has revealed several key insights based on barracuda web applications and APIs analytics from September 2023 to August 2024.

Bad bots constituted 24% of overall internet traffic in 2024, showcasing a drop from 39% noted in 2021. However, the proportion of individual bad bots rose to 44% of detected clients, from 36% the previous year.

Among the various bot types, 49% were identified as "advanced bots," with the majority capable of mimicking human behaviour and overcoming standard online security barriers such as CAPTCHA and rate of traffic controls. Tushar Richabadas, Principal Product Marketing Manager at Barracuda, commented, "While it is good news that the proportion of bad bots in internet traffic has declined, our deeper analysis shows that the range of bad bots has risen over the last 12 months and many of these are advanced bots."

The study categorises two other bot types as "impersonator" bots, designed to replicate human responses for malicious activities like fraud, and "violators," which have a history of participating in undesirable activities.

Richabadas further added, "Bad bots are bad news for business. They can steal data, commit fraud, exploit vulnerabilities, overload websites with traffic, spread spam, skew business analytics, disrupt services for legitimate customers, and more. We also see an emerging category of 'grey bots': AI bots designed to extract or scrape large volumes of data from websites."

The findings underscore the importance of establishing strong defences against bot attacks to protect the integrity of online services. A multilayered defence structure is recommended, which involves strong application protection security and specialised anti-bot protection strategies.

Implementing robust access controls such as multifactor authentication is crucial to safeguarding vulnerable points against brute force and credential-stuffing attacks.

Understanding the evolving threat landscape posed by bad bots is critical for organisations aiming to secure their digital assets. "Strong defences against bot attacks are more important than ever," said Richabadas, highlighting the need for vigilant protection measures.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Yubico launches enrolment suite for Microsoft users
Microsoft 365 Copilot enhanced with AI & new features
Neo4j surpasses USD $200m ARR, eyes further AI growth
Dell expands AI Factory with Microsoft to boost AI solutions
RobobAI unveils AI platform for optimising B2B payments
Top stories
SMBiT joins DSI to help develop SMB cybersecurity standard
Locad secures USD $9m to expand AI-driven logistics
Matrak enhances sustainability with CBME partnership
The third industrial revolution: a new era for business and society
Australians embrace AI chatbots for holiday shopping rush