Innovation

Why is almost three-quarters of all internet traffic in Ireland of malicious intent?

In 2022, retailers on ecommerce platform Shopify started to report unusual activity from Ireland

Have we become an online nation of hackers, scalpers and fraudsters? Probably not. Photograph: Brandon Bell/Getty

Chris Horn's face
Chris Horn
Thu Jul 4 2024 - 06:00

You’re running a successful shop in a small town in the American midwest. You decide to broaden your reach and so build a web presence using Shopify, an online ecommerce platform. You start selling your merchandise online and take out a few Meta/Facebook ads to promote your business. You come into work one morning, check your online activity and are astonished to see hundreds of sessions into your website from Ireland. You’ve never advertised in Ireland, never been there, and weren’t previously aware of any interest in your shop from the Irish. None of these Irish virtual visitors actually placed any orders with you. What’s going on?

Some online forums, including those used by Shopify users in both America and also the Middle East, started reporting unusual activity from Ireland in 2022. Ecommerce vendors flagged sudden and unexplained peaks in online traffic originating from Ireland. Various theories were exchanged as to why. Could it be Shopify’s Irish technical support team checking things? Could it be Google’s web crawler bot in Ireland indexing Shopify websites to collect data for its search engine? Could it be a Facebook Ireland bot updating its retail content from Shopify users?

A bot is a software application running an automated task. Some bots are “good” in that they monitor website performance or index website content for internet search engines, while respecting explicit permissions granted by each website owner to do so.

However, there are also malicious bots. They may attempt to extract data without permission from websites, such as pricing information for competitive reasons. Some scalp tickets for events and concerts for which tickets are limited, to resell those tickets later at a higher price. Some attempt to break into or mimic legitimate customer accounts, so as to defraud or even blackmail. Some try to hack into business interfaces made available over the web for other software apps. Bots often reverberate and amplify misleading or outrageous perspectives on social networks.

READ MORE

Imperva, a cybersecurity division within Thales, a French multinational aerospace, defence and security group, published its annual Bad Bots Report last April. Collecting data from its global network of customers using Imperva cybersecurity tools in 2023, Imperva found that, astonishingly, 49.6 per cent of global internet traffic came from automated bots, and thus barely half originated directly from humans.

Globally, 17.6 per cent of internet traffic monitored by Imperva came from good bots. But Imperva also identified more than six trillion bad bot internet requests made to thousands of websites across dozens of industries, accounting for 32 per cent of all traffic.

Many bad bots mimic human behaviour by masquerading as if from a web browser, and attempt to conceal that they are in fact an automated script. They may increasingly appear to be from a residential address, when they actually originate from a computer farm. They may also originate from malware unknowingly installed by a user. Advanced malicious bots often use a “low and slow” approach to try to avoid detection, quietly carrying out significant attacks using fewer requests.

Alarmingly, Ireland was the worst offender of 13 countries surveyed – bad bots comprised 71 per cent of the Republic’s internet traffic, up from 45 per cent in 2022

Worldwide, the government and legal sectors were the most heavily targeted by advanced bad bots, followed by the entertainment and financial services sectors. The US was the most targeted country, accounting for 47 per cent of all attempted attacks worldwide, with the Netherlands second at 9 per cent and Australia at 8 per cent.

Imperva suggest that one big reason for the recent increase in bad bot attacks is the rise of harvesting of vast quantities of data to train large language models and generative AI systems. Such harvesting is frequently contentious, arguably unethical and also increasingly facing legal challenges over copyright, privacy and intellectual property.

Alarmingly, Ireland was the worst offender of 13 countries surveyed – bad bots comprised 71 per cent of the Republic’s internet traffic, up from 45 per cent in 2022. Germany was second, at 68 per cent, and Mexico was third, at 43 per cent. The global average of bad bot traffic per country was 32 per cent, putting Ireland at well over twice the global average.

Why is almost three-quarters of all internet traffic in Ireland of malicious intent? Have we become an online nation of hackers, scalpers and fraudsters? Have the vast majority of Irish personal devices been tainted by malware to host bad bots? Probably not. However Ireland has become one of the global leaders in data centres, and perhaps at least some of these may be, presumably unwittingly, hosting bot farms. And perhaps, presumably wittingly, some of the top-tier internet players have been using their Irish data centres, among their others, to harvest data worldwide for training their generative AI models.

Imperva makes a number of recommendations to website operators to protect their systems from bad bot attacks, including, unsurprisingly, by use of Imperva products and services. But equally, it would seem timely for a national initiative to investigate why Ireland is home to such an extraordinary level of bad bots. Not only have they become a national embarrassment but they also waste our digital resources and energy.

READ NEXT
LATEST STORIES