The AI Bot Epidemic: The Imperva 2025 Bad Bot Report
madhav
Tue, 04/22/2025 – 17:10
<
div>
The ubiquity of accessible AI tools has lowered the barrier to entry for threat actors, helping them create and deploy malicious bots at an unprecedented scale. Moreover, generative AI (GenAI) simplifies bot development, which is seeing automated threats evolve swiftly. GenAI is helping them grow in sophistication and volume while honing their obfuscation techniques to help them fly under the security radar.
AI is also being used to amplify and simplify attacks and unpack failed attempts helping attackers refine their techniques to evade detection tools with greater precision. These cunning, complex bots put entities in every sector at significant risk.
Surpassing Human Traffic
As the volumes of automated traffic skyrocket, security teams need to adapt their approach to application security, as they are under pressure to fight not only human actors but automated bots that are seemingly always a step ahead.
According to the 2025 Imperva Bad Bot Report, titled “The Rapid Rise of Bots and The Unseen Risk for Business,” automated traffic overtook human activity for the first time in ten years, making up more than half (51%) of all internet traffic last year. This trend has been driven, for the most part, by the rapid adoption of AI and LLMs.
The surge in AI-driven bot creation has serious implications for businesses worldwide. As automated traffic accounts for more than half of all web activity, organizations face heightened risks from bad bots, which are becoming more prolific every day.
Concurrently, the report revealed that bad bot activity has risen for the sixth year in a row, with malicious bots now accounting for more than a third (37%) of all web traffic, a sharp rise from just over 30% in 2023.
Bot Attack Sophistication Trends
In 2024, “advanced and moderate” bot attacks together made up more than half (55%) of all bot attacks. Bot operators are using sophisticated techniques to mimic human traffic and carry out nefarious activities—which is why this type of attack is more difficult to detect and mitigate.
The report noted, however, a marked change in the complexity of bot attacks. Simple, high-volume attac
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: