In 2025, bot attacks became an even more serious threat to the stable functioning of websites. As it had been projected, their amount continues to grow, further complicating the functioning of businesses globally.
Particularly alarming is the dramatic emergence of DDoS-attacks, capable of paralyzing the functioning of websites, stop the service of clients, and lead to significant financial losses. While large companies have the resource for timely response and recovery after attacks, small and medium businesses often cannot take even short-term interruptions. During the past year, financial services and the online gaming industry suffered the most. The increase of such threats is partially connected to the geopolitical tension in east Europe and East Asia.
According to Cloudflare, over 21 million DDoS attacks were blocked in 2024—53% more than in 2023. Among them, the most massive attack in history, with a volume of 5.6 Tbit/s, was directed toward an ISP in East Asia.
According to this year’s report by Imperva, the portion of bad bots in the global traffic grew to 37%. Overall, automated traffic superseded human traffic for the first time—51% of all requests on the web. One of the reasons for this is the use of poorly secured IoT devices: from smart watches and TV-sets to industrial sensors.
An additional threat is represented by the growth of generative artificial intelligence. Thanks to the available AI tools, even non-tech-savvy criminals can create effective bots. In 2024, almost half of all bot attacks were realized by such ‘simple’ bots. Likewise, the amount of attacks via API grows—55% of instances of account hijackings were targeted at API endpoints.
Despite regular standing investments in cyber security, only 20% feel ready to mitigate such attacks. Bot networks constantly evolve and adapt, making it more difficult to detect and neutralize them. This is why effective defense must begin not after an incident but timely. Companies should implement preventive measures, such as API access control, regular traffic monitoring, and behavioral analysis, using specialized solutions. Only a proactive and complex approach will minimize the risk of bot attacks and provide for the stable functioning of web resources in 2025 and on.
Olga is a recognized expert in IT and information security with 19 years of experience. Among other things, she specializes in information security systems design and implementation. Her profound knowledge of IT technologies and principles of building IT infrastructure put her in the position of the Chairperson of the Committee on IT and Cyber Security of the German-Ukrainian Chamber of Industry and Commerce. Olga is also the CEO of the Ukrainian IT company Silvery LLC.
