cross-posted from: https://infosec.pub/post/11194362

49.6% of all internet traffic came from bots in 2023, a 2% increase over the previous year, and the highest level Imperva has reported since it began monitoring automated traffic in 2013. For the fifth consecutive year, the proportion of web traffic associated with bad bots grew to 32% in 2023, up from 30.2% in 2022, while traffic from human users decreased to 50.4%. Automated traffic is costing organizations billions (USD) annually due to attacks … More → The post Bots dominate internet activity, account for nearly half of all traffic appeared first on Help Net Security.

  • maegul (he/they)
    link
    fedilink
    English
    arrow-up
    65
    ·
    7 months ago

    Yea. Along with web rings, human-focused search and just harbouring communities better … we gotta start building people-focused online gardens and ditch this capitalistic hustle shit.

  • elgordio@kbin.social
    link
    fedilink
    arrow-up
    51
    ·
    7 months ago

    My CDN bill recently went from about $5 a month to over $200. Turned out it was Tictok’s spider relentlessly scraping the same content over and over again.

    It was ignoring robots.txt. In the end I just had to ban their user agent in the CDN config.

  • Dave@lemmy.nz
    link
    fedilink
    arrow-up
    31
    ·
    7 months ago

    What proportion of the bots were fediverse servers syncing with each other?

    • thanks_shakey_snake@lemmy.ca
      link
      fedilink
      arrow-up
      40
      ·
      7 months ago

      Yeah, I’m wondering about how they characterize “bot activity.” It seems like “any traffic not proximally related to a user’s synchronous activity” is a little too broad.

      I’m not sure if fediverse syncing is bot activity. Or my laptop checking for software updates while I’m sleeping. Or my autopay transactions for utility bills.

      • luciole (he/him)@beehaw.org
        link
        fedilink
        arrow-up
        18
        ·
        7 months ago

        From the org’s definition of bots, I’d say it’s implicit that bot activity excludes expected communication in an infrastructure, client-server or otherwise. A bot is historically understood as an unexpected, nosy guest poking around a system. A good one might be indexing a website for a search engine. A bad one might be scraping email addresses for spammers.

        In any case, none of the examples you give can be reasonably categorized as bots and the full report gives no indication of doing so.

        • Mirodir@discuss.tchncs.de
          link
          fedilink
          arrow-up
          7
          ·
          7 months ago

          I’d argue that with their definition of bots as “a software application that runs automated tasks over the internet” and later their definition of download bots as “Download bots are automated programs that can be used to automatically download software or mobile apps.”, automated software updates could absolutely be counted as bot activity by them.

          Of course, if they count it as such, the traffic generated that way would fall into the 17.3% “good bot” traffic and not in the 30.2% “bad bot” traffic.

          Looking at their report, without digging too deep into it, I also find it concerning that they seem to use “internet traffic” and “website traffic” interchangeably.

    • rammer@sopuli.xyz
      link
      fedilink
      arrow-up
      1
      ·
      7 months ago

      Don’t forget that porn is a huge chunk as well. Between bots and porn there’s little left.