According to research from Distil Networks, last year was the first time in history that bots actually outnumbered people on the web.
Bots are computer programs that have been coded to either automate a task or pretend to be a person and have probably been on the Internet longer than many of us. Bots can be either good or bad. For example; Google uses bots to crawl and catalog the web so when you run a search the search engine is then able to deliver pertinent results.
However, hackers also utilize bots for all sorts of nefarious activities, from lifting credit card numbers from online stores to scraping the content of websites and re-using it without permission (the nerve of some bots!). In fact, blogs such as DCT get hit hard by bad bots. Surprisingly, smaller websites are generally more vulnerable to bots than larger ones because they are often less secure. Hackers target them in order to collect usernames, passwords, and other credentials which, because people tend to use the same usernames and passwords all over the place, can often lead to bigger rewards.
The Distil Networks paper reveals that almost 60% of 2014’s web traffic consisted of automated bots, 23% of which are bad bots performing nefarious deeds for fraudsters and hackers. Even if we assume that a fair proportion of the remaining 37% of bots are entirely benign, that’s still a heck of a lot of bots scraping information, malicious or otherwise.
And, according to Distil CEO, Rami Essaid, “It’s getting worse. Over the past ten years, they [bots] went from just kind of being out there and easy to detect to being really, really sophisticated.”
It’s pretty scary just how many of these types of security related papers are reporting substantial increases in malware numbers and similar malicious payloads with cyber-criminal activity seemingly increasing at an alarming rate. While Distil Networks is primarily involved with protecting websites, these findings are also relevant for home PC users.
The common advice remains pertinent and our best line of defense:
- Use strong passwords and never use the same username and password combination twice.
- Only enter your credit card details and other critical information on secure sites.
- Keep your software (including browser plugins and antivirus) always up to date.
- Do not click on embedded links or open attachments unless the source can be verified.
- Always be mindful, cautious, and vigilant.
In the interests of full disclosure; the Distil Networks company’s primary interest is selling bot protection to websites:
About Distil Networks:
Founded in 2011, Distil Networks is the leading public and private cloud security provider that blocks malicious bots, or automated computer programs, attacking your website.
Make of that what you will.