The fifth annual Distil Networks Bad Bot Report has the Russian Federation as the most blocked country by companies that have implemented country-specific IP block requests. The report, titled, “Bad Bot Report 2018: The Year Bad Bots Went Mainstream” looks at how bots are used by bad actors to perpetrate a wide range of nefarious activities.
2018 Bad Bot Report
According to Distil Networks, 2017 was the year bots went mainstream. And more people and organizations are aware of what bots are and how they can be used to compromise digital assets.
As bot attacks increase in frequency and become more sophisticated, small businesses have become more vulnerable. This vulnerability was highlighted in the latest SiteLock’s Website Security Insider Q4 2017 report, which revealed the average small business site experiences 44 attacks per day or 16,060 attacks per year. And bots now make up a large percentage of the arsenal of tools hackers use to disrupt your business.
In the press release, Tiffany Olson Jones, CEO of Distil Networks, pointed out how bots have taken over the public conversation as Russia’s alleged involvement in the 2016 US presidential election continues to be investigated. She adds, “Yet, as awareness grows, bot traffic and sophistication continue to escalate at an alarming rate. Despite bad bot awareness being at an all-time high, this year’s Bad Bot Report illustrates that no industry is immune to automated threats and constant vigilance is required in order to thwart attacks of this kind.”
Distil Networks specializes in bot mitigation, which it pioneered in 2011. The company protects websites, mobile apps and APIs from automated threats launched by fraudsters, hackers and competitors. The annual report analyzes hundreds of billions of bad bot requests at the application layer and provides insight and guidance on how automated threats function and impact today’s digital environment.
Some of the Key Findings in the Report
The unenviable position Russia finds itself in at the top of the most blocked country is followed by France, which is at a close second with 20.4 percent. Taiwan is at 12.2 percent, followed by the US at 11.6 percent, and Ukraine with 9.2 percent.
When it comes to bad bot traffic, the US continues to be number one with 45.2 percent. It was followed by China at 10.5 percent, and France, Canada and Germany at 9.9, 3.7, and 3.3 percent of the global bad bot traffic respectively.
In 2017, bad bot traffic grew by 9.5 percent compared to 8.8 percent for good bots. Overall good and bad bots made up 42.2 percent of the traffic, while humans accounted for 57.8 percent.
The challenge facing site owners is the growth of highly sophisticated bad bots. Distil Networks says Advanced Persistent Bots (APBs) continue to plague websites. These bots can change their identities and mimic human behavior, cycle through random IP addresses, and enter through anonymous proxies. The Advanced Persistent Bots now make up the majority of bad bots at 74 percent.
Bots will target your business. The reason and methodology will vary. And Distil Networks says there is, “No one-size-fits-all bot defense solution.” The following recommendations are steps you can take to protect your site.
- Block or captcha outdated user agent/browsers.
- Protect every bad bot access point.
- Carefully evaluate traffic sources.
- Investigate traffic spikes.
- Monitor for failed login attempts.
- Monitor increases in failed validation of gift card numbers.
- Pay close attention to public data breaches.
You can download the full 31-page report here for more insights into bad bots, along with more suggestions to protect your small business site.
Photo via Shutterstock