
Bots surpass humans in online traffic, Thales reports
Automated bot traffic has overtaken human-generated activity on the internet, according to the 2025 Imperva Bad Bot Report published by Thales.
The research shows that bots now account for 51% of all web traffic, with malicious bots representing 37%, up from 32% in 2023. The report attributes much of this rise to the growing adoption of artificial intelligence (AI) and large language models, which are enabling both the proliferation and the sophistication of automated attacks.
Thales' data, derived from the blocking of 13 trillion bad bot requests across thousands of domains and industries in 2024, also highlights that bot activity has increased for the sixth consecutive year. Businesses face escalating security challenges as the use of advanced AI tools lowers the barrier for malicious actors to craft and deploy harmful bots.
Tim Chang, General Manager of Application Security at Thales, commented on the implications for organisations worldwide: "The surge in AI-driven bot creation has serious implications for businesses worldwide. As automated traffic accounts for more than half of all web activity, organizations face heightened risks from bad bots, which are becoming more prolific every day."
In the sector breakdown, the travel industry emerged as the most targeted for bad bot attacks, accounting for 27% of all such attacks—up from 21% in 2023. The retail sector followed, representing 15% of attacks. A notable change this year has been a shift in the types of bots targeting travel sites: advanced bot attacks on travel fell from 61% to 41%, while simple bot attacks rose from 34% to 52%. According to the report, this indicates that increased automation has enabled less technically skilled attackers to launch effective simple bots at scale.
The research finds that both the travel and retail sectors contend with significant proportions of bad bot traffic, with 41% and 59% of traffic respectively identified as such. The report suggests a growing tendency among cybercriminals to use large volumes of basic bots, rather than relying solely on advanced techniques, to overwhelm targeted industries.
The report also analyses the rise of particular AI-driven bots, such as ByteSpider Bot, which was responsible for 54% of all AI-enabled attacks. Other significant sources include AppleBot (26%), ClaudeBot (13%), and ChatGPT User Bot (6%). Attackers are using these advanced automation tools to refine their methods, including employing AI to analyse unsuccessful attempts and develop new strategies to evade security measures.
"This year's report sheds light on the evolving tactics and techniques utilized by bot attackers. What were once deemed advanced evasion methods have now become standard practice for many malicious bots," Chang said. "In this rapidly changing environment, businesses must evolve their strategies. It's crucial to adopt an adaptive and proactive approach, leveraging sophisticated bot detection tools and comprehensive cybersecurity management solutions to build a resilient defense against the ever-shifting landscape of bot-related threats."
The report highlights a significant rise in attacks targeting application programming interfaces (APIs). In 2024, 44% of advanced bot attacks were API-directed and targeted business logic, rather than simply overwhelming endpoints. Attackers are using bots to exploit vulnerabilities within API workflows, facilitating automated payment fraud, account hijacking, and the exfiltration of sensitive data.
Chang addressed the risks posed to APIs as organisations move towards cloud-based and microservices architectures: "The business logic inherent to APIs is powerful, but it also creates unique vulnerabilities that malicious actors are eager to exploit. As organizations embrace cloud-based services and microservices architectures, it's vital to understand that the very features that make APIs essential can also leave them susceptible to risk of fraud and data breaches."
Industries most reliant on APIs, such as financial services, healthcare, and e-commerce, are identified as facing the greatest threat from these sophisticated bot attacks. The report asserts that these sectors are often targeted due to the sensitive nature of the data managed by APIs, including payment processing and personal customer information.
Financial services recorded the highest incidence of account takeover attacks (22%), ahead of telecommunications and internet service providers (18%) and computing and IT (17%). Thales highlights that the increasing adoption of APIs in financial institutions has expanded the attack surface, with cybercriminals exploiting weaknesses in authentication and authorisation to access valuable account data.
The 2025 Imperva Bad Bot Report bases its findings on analysis from the Imperva Threat Research and Security Analyst Services teams. Study data comes from observations across the Imperva global network during 2024, with researchers analysing patterns and trends from more than 13 trillion blocked bad bot requests.