Almost a third (29%) of all website visitors in 2016 was an attack bot and 94% of websites experienced at least one bot attack in a 90-day period, according to a new Imperva report.
The annual statistical study, which examined over 16.7 billion visits to 100,000 randomly-selected domains, found that impersonator bots are the most active attackers for the fifth year running.
In 2016, they were responsible for 24% of all traffic on Imperva’s network. Impersonator bots are most commonly used to launch distributed denial of service (DDoS) attacks and the most famous examples today include Mirai, Nitol and Cyclone.
Not all bots are harmful: last year saw a 4.4% increase in good bot – search engine bots, commercial crawlers, feed fetchers and monitor bots – activity. Both good and bad bots combined make up the majority of website visitors at 52%.
Feed fetchers were the most active good bot in 2016, responsible for 12% of all traffic. The majority of their activity can be attributed to usage of mobile apps, reflecting the shift to mobile by human users.