Malicious Bot Activity On the Rise in Healthcare

Healthcare websites saw more than 31 percent of all traffic originating from bots, Imperva’s latest Bad Bot Report revealed.

The internet has a bot problem, cybersecurity company Imperva suggested in its 2023 Bad Bot Report. Nearly half of all internet traffic came from bots in 2022, while human traffic dipped to its lowest level in eight years.

Bots are not inherently bad – they can help automate select tasks, measure customer engagement, or simulate conversations. However, malicious bots can help threat actors launch denial-of-service attacks, distribute malware, or crack passwords. Imperva observed an uptick in bad bot traffic volume for the fourth consecutive year, growing to 30.2 percent in 2022, compared to 27.7 percent in 2021.

“Bad bots interact with applications like legitimate users would, making them harder to detect and block. They abuse business logic by exploiting the way a business operates, rather than exploiting technical vulnerabilities,” the report stated.

“They enable high-speed abuse, misuse, and attacks on websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to perform a wide array of malicious activities.”

Healthcare websites in particular experienced 31.7 percent of traffic originating from bad bots. These bots may result in healthcare data breaches, scraping of sensitive health information, or account takeovers. What’s more, this data may be sold on the dark web for profit after the fact, Imperva suggested.

“Another risk posed by bad bots in healthcare is overloading their systems through Distributed Denial of Service (DDoS) attacks, which overload healthcare websites and systems, making it difficult for patients and healthcare providers to access the information and services they need,” the report noted.

“At the time of writing these lines, Imperva has monitored an increase in DDoS attacks on US healthcare organizations by the Pro-Russian hacktivist group [KillNet]. This can be highly disruptive to telemedicine services, hindering communication between patients and providers. Bots can also spread misinformation and spam about healthcare, potentially leading to misdiagnosis, mistreatment, and other harmful outcomes.”

Imperva’s 2023 report also observed more advanced bots than ever, as bots steadily get better at hiding their true identities and successfully orchestrating attacks.

“Overall, bot activity on healthcare websites can be disruptive and costly, draining resources, causing downtime, and contributing to security breaches that require time and money to remediate,” Imperva noted.

Bad bots impact healthcare and other industries in a variety of ways, posing serious cybersecurity threats to organizations and individuals across the internet. But Imperva also suggested that even good bots can be deceptive.

“For example, if you advertise on your website, good bots can generate an impression, but that ad click never converts into the sales funnel. This results in lower performance for advertisers,” the report continued.

“It can also lead to skewed marketing analytics and incorrect decision-making based on them. Therefore, being able to intelligently distinguish between traffic generated by legitimate human users, good bots, and bad bots is crucial for making informed business decisions.”

Imperva suggested that businesses begin mitigating risk by protecting exposed APIs and mobile apps, monitor traffic, and remain aware of data breaches and leaks occurring across the industry.

Next Steps

Dig Deeper on Cybersecurity strategies