Title: Botnets Responsible for Majority of Malicious Internet Traffic, Reveals Report
According to a recent research report by cybersecurity experts from Trustwave, botnets are accountable for almost all malicious activity on the internet. The researchers analyzed an extensive amount of data from over 38,000 unique IP addresses, including 1,100 different payloads used in attacks. Their findings indicate that approximately 19% of recorded web traffic is malicious, with botnets responsible for over 95% of this malevolent activity during the six-month period analyzed, which ended in May of this year.
Among numerous botnets, a few notable ones stood out as leading contributors to exploit attempts. The Mirai, Mozi, and Kinsing botnets accounted for 95% of recorded exploits conducted via either HTTP or HTTPS protocols. These harmful malware families predominantly target vulnerabilities in Internet of Things (IoT) devices, seeking to compromise and assimilate them into their botnets.
To exploit these vulnerabilities, botnets leverage web shells, allowing them access to targeted endpoints and enabling further malicious actions. To protect themselves, businesses must prioritize robust security measures, including regular patch updates, strong access controls, frequent network security assessments, and constant monitoring of network traffic for any suspicious activities.
Regardless of size, location, or industry, businesses have always been attractive targets for cybercriminals. Botnets pose a significant threat as they can be utilized for a wide range of malicious activities, including distributed denial of service (DDoS) attacks, cryptocurrency mining, credential theft, and sensitive data exfiltration. With access to thousands of internet-connected devices, threat actors can overwhelm a single target with a massive influx of traffic, rendering their services inaccessible.
Furthermore, botnets can install cryptominers, such as the infamous XMRig, on compromised devices. By exploiting the device’s computing power, electrical resources, and internet bandwidth, criminals profit from cryptocurrency mining while leaving victims with unusable machines and inflated energy bills.
One of the most prevalent botnets is Mirai, first discovered by cybersecurity researchers back in 2016. Mirai has since grown into a powerful botnet with over 500,000 devices under its control. It primarily targets IoT devices running on Linux operating systems.
Although law enforcement has made some arrests related to Mirai, the botnet’s code survived and has been adopted by other threat actors, ensuring its continued prevalence as a formidable threat to this day.
A recent report from SC Media highlights a concerning trend: the proportion of human traffic on the internet has reached its lowest level in eight years. Despite this, not all bot traffic is malicious, as many serve critical functions that allow the internet to function optimally. However, over the past year, malicious bots have become more sophisticated, especially with the emergence of tools like generative AI, making them more challenging to combat.
The report emphasizes that businesses must act swiftly and prioritize defending their premises against bot activity as it approaches 50% of all internet traffic. Failure to take appropriate measures puts organizations, their customers, and their reputations at risk.
In Germany, the situation is particularly troublesome, with nearly two-thirds of internet traffic in the country originating from bots, as per cybersecurity researchers at Imperva. This represents a significant increase compared to the previous year, while human-generated traffic proportionately decreased.
In conclusion, the Trustwave research highlights the significant role botnets play in generating malicious internet traffic. As these botnets continue to evolve and pose a growing threat, businesses must remain vigilant by implementing robust security measures to protect their networks, devices, and sensitive data, safeguarding themselves and their customers from potential cyberattacks.
