Distil's Inaugural Bad Bot Research Indicates Online Security Risk Deeper and
Broader than Heartbleed Bug
Bad Bots Outnumber Good Bots as a Percentage of All Web Traffic
Financial Services Serve Highest Bad Bot Traffic Than Any Other Industry
Mobile Bad Bots Now Running Across Nine of the World's Top Ten Mobile Operators
ARLINGTON, Va.--(BUSINESS WIRE)--Distil Networks, the worldwide leader in bot protection, today released its inaugural “Bad Bot Landscape Report.” The report is based on aggregate data from Distil Networks’ global, cloud-based bot detection and mitigation system that incorporates the world’s largest bot-tracking database with technology that identifies and tracks bad bots in real time.
“The bad bot landscape is evolving fast, causing varied levels of harm to all Internet stakeholders, especially website owners”
Additionally, in the wake of the Heartbleed security bug discovery, Distil Networks has created a bot to check the date of issue for SSL certificates; a required second step to follow bug patching to fix the problem. Distil’s bot research examined the top 10,000 global websites and found that 84% of them have applied the patch to fix the Heartbleed bug. Research completed on April 16 of this year, a week after Heartbleed zero day, indicates that fifteen percent of websites have not reissued certificates, while nine percent have done so. In the meantime, it is inconclusive if the remaining 76 percent of the leading global websites have reissued their certifications. This suggests an enormous online security risk still potentially exists for organizations, business users and consumers.
Distil’s Bad Bot Landscape research shows an even wider security risk lurks online. Distil performs bot tracking and mitigation on behalf of a wide range of organization types, from Fortune 500 companies to startup ventures. The results for the 2014 report reflect bot activity over the 12-month period of January 1, 2013 to December 31, 2013. During that time, Distil identified, fingerprinted and catalogued 2.2 billion bad bots, or 31 percent of the bad bots that exist in Distil’s database of 7-billion bad bots.
“The bad bot landscape is evolving fast, causing varied levels of harm to all Internet stakeholders, especially website owners,” said Distil CEO and Co-founder Rami Essaid. “Bad bot volume will continue to grow for one simple reason—bots are an effective means to an end for the dark side of the Internet community. The annual report presents significant bad bot data and dispels some widely held views regarding their origins. For example, more bad bots originate from the United States than any other country. The intent of the Distil Bad Bot Landscape Report is to provide a thorough understanding of bad bot origins and makeup to help organizations prepare for, and mitigate, this rapidly accelerating security threat.”
Bad bot traffic is undoubtedly on the rise. The Distil report reveals that bad bots nearly doubled in their percentage of all web traffic between the periods of Q1 2013 and Q4 2013, jumping from 12.25% to 23.6%. By contrast, the percentage of good bots to overall web traffic decreased over the same period, from 27.2% to 19.4%. The growth of bad bots over good bots provides a harbinger of the Internet’s future state. In fact, Distil continues to see the pace of new bad bots continue to rise during the first three months of 2014.
With bad bots representing nearly a quarter of all web traffic, organizations are paying hefty bandwidth cost premiums to support harmful traffic. Moreover, higher bandwidth usage impacts everyone across the value chain, from ISPs to business websites and consumers worldwide.
- More bad bots originate in the United States than any other country
- More than 1,100 ISPs and hosting providers serve bad bots as 70 percent or more of their total traffic
- Within the United States, bad bots attack most between 6pm and 9pm ET
- The biggest bad bot of 2013 was “Pushdo,” impacting 4.2 million IP addresses and approximately 4 million computers
- The Financial Services industry had more organizations serving a high percentage of bad bot traffic than any other industry
- The Mobile bad bot threat is gaining significance, with bad bots running across nine of the world’s top ten mobile operators
To download a copy of the report, please click here.
About Distil Networks
Distil Networks is the global leader in Bot detection and mitigation offering the first software-as-a-service solution focused on stopping automated attacks to make the web more secure. Distil works like a protective shield and blocks malicious bots, malware, and competitors that try to scrape or copy your website data without permission. Prevent web scraping, eliminate form spam and click fraud, reduce infrastructure costs and regain your competitive advantage with Distil Networks. Visit us on the web at distilnetworks.com.