Thalesworld leader in high technology, today publishes the BAD BOT 2025 report of Imperva, a global analysis of automated traffic on the Internet. The 12th edition of this annual report reveals that generative artificial intelligence (IA) revolutionizes the development of bots, allowing less sophisticated actors to launch a greater volume of attacks with increased frequency. Today, pirates are also using AI to improve their techniques in order to go around safety measures more effectively, taking advantage of a Baas (Bots-as-A-Service) ecosystem).
This press release contains multimedia elements. See the full press release here: https://www.businesswire.com/news/home/20250415266422/fr/
©Thales
For the first time in the past ten years, traffic from automated boots has supplanted that of human origin, representing 51 % of the entire Internet traffic in the year 2024. This progression is largely explained by the development of AI and major language models (LLM), which simplify the creation and large -scale deployment of boots for malicious purposes. With the democratization of AI tools, cybercriminals are increasingly exploiting these technologies to create and deploy malware, these now representing 37 % of the whole Internet traffic, that is a significant increase compared to the 32 % of 2023. Right up for the sixth consecutive year, traffic generated by malicious bots challenges companies, which fight to protect their resources digital.
Travel and retail sectors are both victims of this trend, malware representing 41 % and 59 % respectively from their traffic. In 2024, the travel industry became the privileged target, counting for 27 % of all BOT attacks combined, against 21 % in 2023. The most notable development in 2024 is the decline in advanced BOT attacks against the travel industry (which increased from 61 % in 2023 to 41 %) and the clear increase in simple boots attack (52 % against 34 %). This change shows that the automation tools powered by AI facilitate the task of attackers, allowing less sophisticated actors to launch more basic bots. Thus, rather than relying exclusively on sophisticated techniques, cybercriminals opt more for simpler bots, which they use in larger volumes to flood travel sites, which results in more frequent and more extensive attacks.
Boom in Bots fueled by AI: cybersecurity enters a new era
The emergence of advanced AI tools, including Chatgpt, bytespider Bot, Claudebot, Google Gemini, Perplexity AI, or Cohere AI, not only transform interactions with users, but also the methods used by cybercriminals. According to the Threat Research of Imperva team, very common AI tools are exploited to lead cyber attacks, bytespider Bot being responsible for 54 % of all AI attacks. Among the other most used tools are Applebot (26 %), Claudebot (13 %) and Chatgpt User Bot (6 %).
“This increase in the number of bots fueled by AI has serious repercussions on businesses around the world,” said Tim Chang, Director General Security of Applications, Cybersecurity Products at Thales. “At a time when automated traffic represents more than half of all the activity on the Internet, companies face an increased risk of attack by malicious bots, which proliferate day by day. »»
Increasingly clever to use AI, attackers are able to implement a whole series of cyberrencies, ranging from attacks by denial of service (DDOS) to the exploitation of specific rules, including API violations. Increasingly sophisticated, the attacks carried out by bots pose important challenges in terms of detection.
“This year’s report highlights the evolution of tactics and techniques used by computer hackers. What was once considered as advanced escape methods has now become a common practice for many malicious bots, “said Chang. “In this rapidly evolving environment, companies must develop their strategies. To build a resilient defense against constantly evolving threats linked to bots, it is essential to adopt an approach that is both adaptive and proactive, using sophisticated tools to detect bots and complete cybersecurity management. »»
Malventy bots targeting the business logic of APIs pose an increased threat to modern companies
The recent conclusions of the Threat Research of Imperva team testify to a significant increase in the attacks against APIs, 44 % of advanced bot trafficking taking these target interfaces. These attacks are not limited to submerging the termination points of the APIs; Rather, they target business logic which defines their functioning in a more complex way. Cybercriminals deploy bots specifically designed to exploit vulnerabilities in API flows, engaging in automated fraud to payments, embezzlement or data exfiltration.
The analysis made in the report shows that cyber attacks deliberately seek to exploit the termination points of the APIs which manage sensitive and high value data. This trend has particularly important repercussions for industries based on APIs for their critical operations and transactions. Financial services, health and electronic commerce, targets of choice for malicious actors on the lookout for sensitive information to steal, are the sectors most affected by these attacks of sophisticated bots.
APIs are the spine of modern applications: they allow communication between services, rationalization of operations and large -scale personalized user experiences. They serve as the basis for essential functions, such as payments treatment, logistical chain management and AI -based analyzes, which makes them essential to improve efficiency, accelerate product development and unlock new sources of income.
“The business logic inherent in APIs is powerful, but it also creates unique vulnerabilities that malicious actors hastened to exploit,” explains Mr. Chang. “At a time when companies adopt cloud-based services and microservice architectures, it is essential to understand that the characteristics that make the APIs essential can also expose them to risk of fraud and data violation. »»
Financial services, health and online commerce are high -risk sectors
In its in -depth analysis, the BAD BOT 2025 of Imperva report highlights the most risky sectors. Financial services, health and e-commerce are the most affected sectors. Indeed, these industries, which rely on APIs for their critical operations and transactions, are the privileged targets of sophisticated bots attacks.
The financial services sector is that which has been the most targeted by attacks by taking account control (account takeover – ATO), which represent 22 %of all incidents, followed by that of telecommunications and internet access providers (18 %), and that of IT and information technology (17 %). Financial services have long been a privileged target of Ato -type attacks because of the high value of these accounts and the sensitive nature of data at stake. Banks, credit card companies and fintech platforms have large amounts of identifiable personal information (PII), including credit cards and bank accounts, which may be sold advantageously dark web. Furthermore, the growing proliferation of APIs within this sector has expanded the attack surface, allowing cybercriminals to exploit vulnerabilities such as weak authentication and authorization methods, thus facilitating account hacking and data theft.
About the study
The 12th imperdi annual report on malicious bots is based on the observations of our research teams on threats and our security analysis services (SAS). Our analysis is based on the data collected from our global network in 2024, including the 13,000 billion requests for malware blocked in thousands of areas and sectors of activity. This data set provides key information on the activity of bots to help organizations understand the growing risks of automated attacks and to face it.
About Thales
Thales (Euronext Paris: HO) is a world leader in high technology for the defense, aerospace and cybersecurity & digital sectors. Its portfolio of innovative products and services helps meet several major challenges: sovereignty, security, sustainability and inclusion.
The group invests more than 4 billion euros per year in research & development in key areas, in particular for critical environments, such as artificial intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the group achieved a turnover of 20.6 billion euros.
LIENS
Thales group
Cybersecurity products
Cybersecurity solutions
The text of the press release from a translation should in no way be considered official. The only version of the press release that is faith is that of the press release in its original language. The translation must always be confronted with the source text, which will be a case law.
Consult the source version on businesswire.com: https://www.businesswire.com/news/home/20250415266422/fr/
