Chances are, you didn’t know that real, live humans account for just 52.6% of all traffic and engagements on the internet, and that this percentage is on the decline (down from 57.7% in 2021).
Who or what else accounts for the remainder? An organization called Imperva issues an annual report, this year toting up all the internet interactions for 2022. It found that the remaining 47.4% of internet traffic is conducted by ‘bots’—that is, software applications that run automated searches and other tasks. They can populate social media sites, scrape websites for data, and undertake such criminal activities as taking over user accounts or attacking company servers.
The report breaks out the ‘bot’ traffic between ‘good’ and ‘bad’ bots. It notes that even the good bots, which are often used for research and evaluating what information is available online, can have pernicious consequences, like visiting websites and making them appear more popular than they actually are with actual humans. (The ‘pernicious’ consequence is skewed marketing analytics.)
But the bad bots, according to the report, are more numerous, and their impact is more nefarious. Bad bots account for 30.2% of web traffic, used to target company websites and sometimes shut them down, steal sensitive data and gain illegal access to user accounts. In one case cited in the report, malicious bots launched a massive account takeover attack on an online bank, causing a large number of account lockouts and online fraud occurring in hacked accounts. Bots are used to buy up popular concert and other event tickets, which can then be resold (scalped) at higher prices than people would pay if they could have gotten access to the sales sites directly.
For some reason, the U.S. seems to be uniquely attractive to these bad bots; American websites are target by 41.8% of global bad bot traffic; the next highest country is Australia at 16.4%. No other country is above 7%. Financial services are the most heavily targeted by attacks, accounting for 37.8% of all attacks.
The paper doesn’t offer any broad solutions, but it does warn that all of us are increasingly at risk of having our finances, our identity or our data filched by non-human agents, which generally means we need to take precautions to protect any internet connection where we use a password.