Fastly Research Insights on Cyberattacks and Bot Traffic

Fastly’s Q1 2025 Threat Insights Report highlights a significant rise in cyberattacks targeting the commerce industry, which increased from 15% in Q1 2024 to 31% in Q1 2025. This shift indicates a growing focus on e-commerce platforms by cybercriminals. Additionally, the report notes that 37% of all internet traffic is generated by bots, with 89% of that traffic classified as unwanted. Understanding the distinction between wanted and unwanted bot traffic is essential for businesses to effectively manage their cybersecurity strategies. For more details, access the Fastly Q1 2025 Threat Insights Report. Fastly Logo Image courtesy of Fastly, Inc.

Bot Traffic Challenges

The report emphasizes the challenges posed by unwanted bot traffic, which can facilitate account takeovers, ad fraud, and data theft. Conversely, legitimate bot traffic, such as search engine crawlers, drives visibility to websites. The ability to differentiate between these types of traffic is crucial for businesses to minimize wasted resources on malicious activities. Simran Khalsa, Staff Security Researcher at Fastly, stated, “If you’re not actively managing bot traffic you could be spending on infrastructure, bandwidth, or performance that is effectively being wasted on serving malicious or non-productive traffic.” To combat these issues, companies can leverage tools like Fastly's Bot Management to protect their applications and enhance their security posture.

Impacts of Bot Traffic on Streaming Services

Bot traffic is increasingly affecting streaming services, especially during high-traffic events, leading to financial losses and user dissatisfaction. The Media & Entertainment sector is particularly vulnerable, with 21% of malicious bot attacks targeting this industry. Key types of bot attacks include:

DDoS Attacks

Distributed Denial of Service (DDoS) attacks can overwhelm streaming servers, causing disruptions and latency. These attacks can lead to significant financial losses, as seen with Apple's estimated $25 million revenue loss during a 2015 outage. To mitigate DDoS attacks, Fastly’s DDoS Protection utilizes advanced technologies to absorb large volumes of malicious traffic.

Account Takeover (ATO)

Account Takeover incidents pose risks of identity theft and unauthorized access to user accounts. Attackers often employ credential stuffing techniques, leveraging stolen login details to compromise accounts. Fastly’s Bot Management solution aids in detecting and preventing ATO incidents by identifying suspicious login attempts and patterns.

Mass Scanning and Exploitation Tactics

A recent Fastly report revealed that 91% of cyberattacks targeted multiple organizations through mass scanning techniques to exploit vulnerabilities. This trend highlights the need for robust cybersecurity measures across multiple platforms. Fastly's Next-Gen WAF serves as a protective layer for over 90,000 applications, analyzing billions of requests monthly to identify threats. Key findings from the report include:

91% of attacks targeted multiple customers, with 19% affecting over 100 organizations.
Bots accounted for approximately 36% of all internet traffic, emphasizing the necessity for effective bot management strategies.

Conclusion

To protect against the evolving landscape of cybersecurity threats, organizations can benefit from AI-powered solutions like GrackerAI. Designed to automate insight generation and streamline cybersecurity marketing efforts, GrackerAI enables teams to monitor trends, identify threats, and create relevant content that resonates with cybersecurity professionals. Explore our services at GrackerAI to enhance your cybersecurity marketing strategy and stay ahead of threats.