Bot Traffic Dominates 53% of Internet as AI-Driven Attacks Surge 12.5 Times in 2025

Bots amount for 51% traffic on internet, AI-driven attacks surged 12.5x

A French company has revealed that the bots now dominate the internet, accounting for over half of all traffic, with 40% classified as malicious. Thales stated in a report that in 2025, AI-driven bot attacks surged 12.5x compared to the previous year. Titled "2026 Bad Bot Report: Bad Bots in the Agentic Age", the report revealed a fundamental shift in how the internet operates, as AI-accelerated automation becomes a defining feature of modern digital infrastructure. The report shows that AI is not just increasing the volume of bot activity, but fundamentally changing its nature.

Bots now account for over half of the internet traffic and they're raising all kinds of hell

While humans built the internet, actual people aren't the ones roaming the online space the most. A new report from Thales says bots accounted for more than 53% of all web traffic in 2025, up from 51% the previous year. Meanwhile, human activity has fallen by 47%, which means automated traffic has now become the dominant force online. And that's not even the bad news. How AI is making the bot problem worse The big jump in bots on the internet is largely driven by AI-driven automation. According to the 2026 Thales Bad Bot report, 40% of all web traffic is malicious bot activity, with AI bot attacks surging 12.5 times compared to the previous year. These AI agents are reportedly emerging as a third category of web traffic, sitting alongside the traditional "good" and "bad" bots. These agents can even interact with apps and APIs, pull data, and perform tasks in ways that may look legitimate from the outside. Recommended Videos In other words, the problem is no longer just spotting whether something is automated. Security teams now have to figure out what that automation is trying to do. The web is becoming machine-driven Not all bots are bad, with a lot of them being used as search crawlers, monitoring tools, accessibility services, and legitimate AI agents. The issue is that automation has become so widespread that old security models are starting to strain. It also makes the classic "dead internet theory" feel a little less ridiculous than it used to. For those unaware, the theory basically argues that much of the web is no longer driven by real human activity, but by bots, algorithms, synthetic content, and automated engagement loops. It has always been more internet folklore than proven reality, but the latest Thales numbers give the idea an uncomfortable new edge. To be clear, this doesn't mean the internet is fake or that humans have disappeared from it. But when bots account for more than half of web traffic, and malicious bots alone make up a huge chunk of that activity, the signs get harder to ignore how much of the modern web shaped by machines.