The 2023 Imperva Bad Bot Report: the impact of generative AI
• Imperva Bad Bot Report reveals a new democratization of bot use.
• GenAI voice cloning could be a major new weapon for bot activity.
• 2023 a significant year for increased web-scraping.
In the tenth annual Imperva Bad Bot Report, there’s enough data on bot activity to let you reach several important conclusions that should govern elements of your business plan.
In Part 1 of this article, we spoke to Peter Klimek, Director of Technology, Office of the CTO, at Imperva, about the significant rise in the number of bad bots out there, and how they’re making themselves felt as a fundamental part of how the internet works, to everyone’s disadvantage and to the profit of bad actors.
In Part 2, we got specific and talked about the rise in bad bot attacks on APIs particularly, as outlined by the data in the Imperva Bad Bot Report for the year.
While we had Peter in the chair, it has now become mandatory under the UN Convention of Tech Journalism that we ask him how the whole bad bot situation is being affected by generative AI.
Ah, yes. I love this one.
We thought you might at least have had significant practice at answering it. So what sort of impact is generative AI having on the sophistication, targeting, and proliferation of bad bots? And what data does the Imperva Bad Bot Report actually carry on this?
It’s fair to caveat this response with the admission that it’s still early days for us; we’re still getting a better understanding of what we’re seeing here. But there are really three themes that I’m personally seeing emerge right now.
Imperva Bad Bot Report – three themes on GenAI.
The first impact is that generative AI is really lowering the barrier to entry when it comes to creating a bot.
If you think about it, if you have absolutely no programming experience, and you want to build your first bot to go and scrape your favorite website for whatever reason, you can use generative AI and ask it a couple of quick questions. And it’s going to give you working code to build a very simple bot.
It’s not going to be very advanced, but at least you can build something in a matter of minutes, and it will probably work.
So I think that’s one of the bigger things: it’s democratizing access, effectively lowering the barrier to entry when it comes to being able to create bots.
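To make the point concrete, here is the kind of “very simple bot” Klimek is describing. This is a hypothetical illustration, not code from the report: a minimal link scraper using only Python’s standard library. The page is a hard-coded string so the sketch is self-contained; in practice the bot would fetch it over the network with something like urllib.request.

```python
# A minimal link scraper of the sort a GenAI assistant might hand
# a first-time user. Standard library only; the "page" is a local
# string here so the sketch runs without network access.
from html.parser import HTMLParser

class LinkScraper(HTMLParser):
    """Collects the href of every <a> tag encountered in the page."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.links.append(value)

sample_page = """
<html><body>
  <a href="/products">Products</a>
  <a href="/pricing">Pricing</a>
  <a href="https://example.com/blog">Blog</a>
</body></html>
"""

scraper = LinkScraper()
scraper.feed(sample_page)
print(scraper.links)  # ['/products', '/pricing', 'https://example.com/blog']
```

A few dozen lines like these are all it takes to pull every link, price, or product listing off a page, which is exactly why the barrier to entry matters.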
Believe it or not, that’s a relatively benign example. But it’s something that organizations will have to deal with. The second impact is kind of an interesting one. We don’t have any specific data on this yet, so this is not Imperva Bad Bot Report sanctioned, but we’re really interested to watch what happens here.
The generative AI models themselves are trained on a vast amount of data that was scraped from the internet, and I would say that in many instances this data is dubiously or unethically sourced.
Imperva Bad Bot Report: web-scraping gold rush?
Now, different businesses will have different practices around what they do. But at the end of the day, with the increase in funding for generative AI companies that have gone in heavily on this technology, I think we’re effectively entering a kind of gold rush phase, if you will, where these companies are going to be trying to build models as quickly as possible, and trying to build domain-specific models.
There’s a very high likelihood that that means we’re going to see the amount of broad internet scraping attacks go up.
If we go back to look at the Imperva Bad Bot Report, this year we were able to do a ten-year retrospective, and the closest parallel I can give you to this kind of gold rush is 2014, when there was a massive spike in good bot traffic. When I went back and asked our threat research team, “Why was 2014 so different for good bot traffic?”, they said, “That’s the year that Bing and DuckDuckGo came online.”
What happened was that two new search engines were aggressively growing, crawling the internet, and pulling in this data. We now classify those as good bots, because they declared themselves as search engines, but it’s a really good example of what happens when someone or something really big comes online.
Release the GenAI Kraken!
Sorry, just thinking out loud.
Imperva Bad Bot Report: bargain basement influence fraud.
The third impact could be the biggest of the lot. It’s the reduced cost of either scams or influence fraud operations as a whole. A really good example here would be your classic romance fraud, your catfishing attacks.
Historically, these types of operations relied on human operators, so they wouldn’t be classified as a bad bot attack, because they had a human that was actually sitting behind the computer keyboard, typing in the responses.
Now, fraudsters can use generative AI to automate all of that.
Catfished by a chatbot. There’s something monumentally grim and sad about that.
This is one of the bigger challenges, and one that we’ll probably end up seeing and having to deal with more and more in the next few years.
You mentioned the potentially suspect data on which the large language models have been trained. We spoke to someone recently who said Google had released details of the Bard training data, and around 40% of it was unverified, non-factual, or obviously biased, or contained potential PII, so that’s got to be viewed as a source of model vulnerability, surely? And of course, the other big players haven’t released the details of their training data, because there is no regulation that says they have to.
Yeah. I just saw something that speaks to how closely bots are going to be tied to the future of generative AI, and it’s this. There’s a social media influencer with a fan base of millions.
Apparently, she previously had a premium Telegram channel where she would spend five hours a day talking with her fans, providing access and things like that.
She recently partnered with a generative AI startup that used all of her past communications to train a model that mimics her, and now she’s selling access to, and time with, her bot – one that effectively reproduces her past responses.
Pay me real money to spend time with my bot? That’s pretty mind-blowing, right enough – but it’s in line with stories we’ve read of South Korean social media influencers that are entirely AI-generated, with actors hired for motion capture when the influencers need to interact with real 3D objects.
Possibly this is a legacy mindset, but we have to ask where the value in those interactions is coming from.
Imperva Bad Bot Report: voices of deceit.
And also, you mentioned the democratization of bad actorship – if people want to create simple bots, there’s a GenAI now that will help them do it.
We attended a roundtable recently with one of the big security companies, and they showed research they’d done on the dark web where, for instance, GenAI was being used to deliver significantly more effective and believable phishing scams as a service, easily breaking down the language barriers to successful phishing, and so on.
Yeah, I think that is one of the big ones, too. Phishing is already one of the biggest threat vectors that every organization has to deal with today. And the sophistication of those attacks has just become all the more potent now.
And it’s even moving beyond things like email. This is one of the things that’s getting really sophisticated. 60 Minutes just had a great piece over the weekend in which someone showed how to clone a voice and effectively create a scam. With that cloned voice, they were able to obtain the person’s passport number.
I’ve spoken with US law enforcement, and that was one of the big things they called out right away; it’s a big concern to them. Certain public-facing officials in an organization, like a CEO or CFO, are regularly doing calls, speaking events, things like that, so their voices can be cloned fairly easily.
So yeah, there’s definitely going to have to be a new level of diligence that organizations are going to need to apply to… literally everything now.
In the final part of this article on the data and conclusions of the 2023 Imperva Bad Bot Report, we’ll take a look at bots in hiding, the geopolitics of bad bots, and what the future of bad bots – and of corporate vigilance – might look like.
Sure, combine bots and an evolving AI. What could possibly go wrong?
28 September 2023