THALES
Thales, the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, today announced the release of the 2024 Imperva Bad Bot Report, a global analysis of automated bot traffic across the internet. Nearly half (49.6%) of all internet traffic came from bots in 2023—a 2% increase over the previous year, and the highest level Imperva has reported since it began monitoring automated traffic in 2013.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240416225637/en/
©Thales
For the fifth consecutive year, the proportion of web traffic associated with bad bots grew to 32% in 2023, up from 30.2% in 2022, while traffic from human users decreased to 50.4%. Automated traffic is costing organizations billions (USD) annually due to attacks on websites, APIs, and applications.
“Bots are one of the most pervasive and growing threats facing every industry,” says Nanhi Singh, General Manager, Application Security at Imperva, a Thales company. “From simple web scraping to malicious account takeover, spam, and denial of service, bots negatively impact an organization’s bottom line by degrading online services and requiring more investment in infrastructure and customer support. Organizations must proactively address the threat of bad bots as attackers sharpen their focus on API-related abuses that can lead to account compromise or data exfiltration.”
Key trends identified in the 2024 Imperva Bad Bot Report include:
- Global average of bad bot traffic reached 32%: Ireland (71%), Germany (67.5%), and Mexico (42.8%), saw the highest levels of bad bot traffic in 2023. The US also saw a slightly higher ratio of bad bot traffic at 35.4% compared to 2022 (32.1%).
- Growing use of generative AI connected to the rise in simple bots: Rapid adoption of generative AI and large language models (LLMs) resulted in the volume of simple bots increasing to 39.6% in 2023, up from 33.4% in 2022. The technology uses web scraping bots and automated crawlers to feed training models, while enabling nontechnical users to write automated scripts for their own use.
- Account takeover is a persistent business risk: Account takeover (ATO) attacks increased 10% in 2023, compared to the same period in the prior year. Notably, 44% of all ATO attacks targeted API endpoints, compared to 35% in 2022. Of all login attempts across the internet, 11% were associated with account takeover. The industries that saw the highest volume of ATO attacks in 2023 were Financial Services (36.8%), Travel (11.5%), and Business Services (8%).
- APIs are a popular vector for attack: Automated threats caused a significant 30% of API attacks in 2023. Among them, 17% were bad bots exploiting business logic vulnerabilities—a flaw within the API’s design and implementation that allows attackers to manipulate legitimate functionality and gain access to sensitive data or user accounts. Cybercriminals use automated bots to find and exploit APIs, which act as a direct pathway to sensitive data, making them a prime target for business logic abuse.
- Every industry has a bot problem: For a second consecutive year, Gaming (57.2%) saw the largest proportion of bad bot traffic. Meanwhile, Retail (24.4%), Travel (20.7%), and Financial Services (15.7%) experienced the highest volume of bot attacks. The proportion of advanced bad bots, those that closely mimic human behavior and evade defenses, was highest on Law & Government (75.8%), Entertainment (70.8%), and Financial Services (67.1%) websites.
- Bad bot traffic originating from residential ISPs grows to 25.8%: Early bad bot evasion techniques relied on masquerading as a user agent (browser) commonly used by legitimate human users. Bad bots masquerading as mobile user agents accounted for 44.8% of all bad bot traffic in the past year, up from 28.1% just five years ago. Sophisticated actors combine mobile user agents with the use of residential or mobile ISPs. Residential proxies allow bot operators to evade detection by making it appear as if the origin of the traffic is a legitimate, ISP-assigned residential IP address.
“Automated bots will soon surpass the proportion of internet traffic coming from humans, changing the way that organizations approach building and protecting their websites and applications,” continued Singh. “As more AI-enabled tools are introduced, bots will become omnipresent. Organizations must invest in bot management and API security tools to manage the threat from malicious, automated traffic.”
Additional Information:
- Download a copy of the 2024 Imperva Bad Bot Report for additional insights.
- See how Imperva Advanced Bot Protection, API Security, and Client-Side Protection can protect websites, mobile applications, and APIs from automated attacks and fraud without affecting the flow of business-critical traffic.
- Read the Imperva Blog for the latest product and solution news, and threat intelligence from Imperva Threat Research.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies within three domains: Defence & Security, Aeronautics & Space, and Digital Identity & Security. It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to €4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G and cybersecurity.
Thales has 81,000* employees in 68 countries. In 2023, the Group generated sales of €18.4 billion.
* These figures exclude the ground transportation business, which is being divested
PLEASE VISIT
Cloud Protection & Licensing Solutions | Thales Group
Cybersecurity Solutions | Thales Group
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240416225637/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
3Degrees Welcomes David Dines to Board of Directors11.12.2025 17:00:00 CET | Press release
3Degrees, a global leader in renewable energy and climate solutions, is pleased to announce the appointment of David Dines to its Board of Directors, effective December 8, 2025. Dines brings more than four decades of leadership experience across global energy, commodities, financial services, transportation, and industrial markets. He served on the executive team as Chief Financial Officer and Corporate Senior Vice President at Cargill, Inc., the largest privately held company in the United States, where he oversaw enterprise-wide financial strategy, capital deployment, and financial performance. During his 29-year career at Cargill, Dines led multiple global businesses, played key roles in major technology and process transformations, and was a member of Cargill’s Commodity Risk, Financial Risk, and Process, Data, and Technology Committees. “We are thrilled to welcome David to the 3Degrees board,” said Philippe Vedrenne, CEO, 3Degrees. “He has an exceptional command of financial stewa
ITC Infotech wins PTC Partner Network Award for FY25 in the PLM Category11.12.2025 15:40:00 CET | Press release
ITC Infotech’s DxP Services earns recognition for its strong PLM expertise, unwavering commitment to delivering customer value, and strategic collaboration with PTC to drive innovation through SaaS-led offerings and accelerate digital transformation for customers. ITC Infotech, a leading global technology services and solutions provider, has been awarded the PTC Partner Network Award for FY25 in the Product Lifecycle Management (PLM) category. This prestigious recognition, awarded to a single partner globally, celebrates excellence in deploying Enterprise PLM software, enabling global and cross-functional teams to effectively manage product data and providing a trusted system for product information. The award underscores ITC Infotech’s leadership in PLM-led digital transformation, as well as its strategic alignment with PTC’s Intelligent Product Lifecycle vision, which helps customers build a structured product data foundation that serves as the backbone for AI-driven transformation.
1X Announces Strategic Partnership to Make up to 10,000 Humanoid Robots Available to EQT’s Global Portfolio11.12.2025 15:00:00 CET | Press release
1X, the AI and robotics company behind NEO, the first ready-to-ship humanoid robot, today announced a strategic partnership with EQT, one of the world’s largest private equity firms and an investor in 1X through EQT Ventures. The partnership marks the beginning of what could become a large-scale commercial rollout of general-purpose humanoid robots across multiple industries. Together, 1X and EQT have a shared intent to facilitate the rollout of up to 10,000 humanoids across EQT’s global portfolio companies between 2026 and 2030, with any potential implementation decision ultimately taken by each portfolio company. The partnership represents an early step in bringing humanoid robotics into mainstream commercial use. Through this collaboration, EQT’s portfolio companies will gain early access to 1X’s commercial production capacity and integration expertise, giving early adopters a first-mover advantage in addressing structural workforce transformation. The partnership will focus on high
Texas Card House to Host World Series of Poker® Circuit in 202611.12.2025 15:00:00 CET | Press release
Exclusive partnership brings the World Series of Poker to Texas for the first time. The World Series of Poker (WSOP) has announced that Texas will join its exclusive ranks as an official stop on the 2026 Circuit Tour for the first time in history. Through an exclusive partnership with Texas Card House, the iconic WSOP Circuit will be hosted in Austin, at TCH Social from April 23rd to May 4th 2026. TCH Social is one of the Texas-based company’s flagship locations featuring up to 70 poker tables, a full-service restaurant, craft cocktails, and an upscale atmosphere. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251211428594/en/ Texas Card House Social Austin, the first-ever Texas venue to welcome the WSOP Circuit. During the event, Texas will become the center of the professional poker universe. Players from around the world will compete at the Texas Card House in Austin to claim a championship WSOP Circuit ring, enormous pri
Nexo Acquires Buenbit in Major Expansion Across Latin America11.12.2025 15:00:00 CET | Press release
The acquisition combines Nexo’s comprehensive award-winning product portfolio with Buenbit’s CNV-registered operations and strong local expertise.Global digital assets leader Nexo establishes Buenos Aires as its Latin American hub, supporting long-term investment and partnerships across Argentina, Peru, and Mexico.Buenbit clients to gain access to Nexo’s full suite of products, top-tier security, and personalized client care. Nexo, the premier digital asset platform with $11 billion in assets under management, today announced its acquisition of Buenbit, one of Latin America’s most trusted and fastest-growing crypto platforms. This strategic transaction marks a milestone in Nexo’s global scaling, uniting the company’s advanced liquidity infrastructure and high-yield products with Buenbit’s deep local expertise and strong customer base. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251211358777/en/ The acquisition combines Ne
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom