The other day, I came across an article by Gizmodo that spoke of how close we are from the Dead Internet Theory becoming a reality. The article, titled “Dead Internet Theory Is 17% Of The Way To Becoming Reality, Study Finds” spoke of a few studies, such as the one conducted by Imperial College London, Stanford University and the Internet Archive. It found more than a third of new sites online are AI-generated.
The article also brought up Cloudflare’s previous research that found nearly a third of all Internet traffic was bot-driven. So many other studies say the same thing, and with AI becoming a part of everyday online activity, it has become much harder to distinguish between human and bot.
Separate research that found that 1 in every 5 requests reaching websites are automated. This is according to bunny.net’s 2026 Edge Security Report, which assessed 42.5 billion requests that were processed from January to May.
What Exactly Are Automated Websites?
In this context, when we say “automated”, we are referring to bots, crawlers and API traffic – these have all become very common across the web and according to the report, overall traffic went up by 53% and automated requests counted for about 20% of all this traffic.
AI crawlers create more traffic than search engine bots after they accounted for 0.54% of all requests, compared to 0.50% for search bots. With that being said, ByteDance’s Bytespider accounts for almost half of all AI crawler traffic, which is more than all of the traffic tech giants Anthropic, Google and OpenAI combined created.
“Automated traffic is no longer the exception, it’s becoming the foundation of how the internet operates,” said Dejan Grofelnik Pelzel, Founder and CEO of bunny.net. “For the first time in history, we are seeing agentic driven activity surpass human traffic, lowering the barrier for attackers and making it easier than ever to identify vulnerabilities and target applications at scale.
“The reality is that these threats don’t just affect the world’s largest organisations, they affect everyone building and running online services. We believe every organisation deserves security that keeps pace with how the internet is evolving, not just those with the largest budgets or security teams. Building a safer internet starts with making protection simple, scalable and affordable, so businesses of any size can respond to threats in real time and operate online with confidence.”
More from Artificial Intelligence
- New Report Suggests That UK Workers Still Rely On Shadow IT Despite Millions Spent On Digital Transformation
- ChatGPT Launches New Scheduled Page – What Does It Do?
- New Research Suggests More Than 50% Of AI Jobs In The UK Could Go Unfilled By 2028
- How Can AI Help My Small Business Manage Calls More Efficiently?
- Sports Sites Are Seeing More Bots Than Ever During The FIFA World Cup
- AI Has Broken B2B Outreach And The Startups Adapting Are Winning
- AI vs. 100,000 Humans: Who Actually Holds The Creative Edge In 2026?
- Have You Ever Looked Yourself Up On ChatGPT?
How Does This Impact The Rise In Cyber Attacks?
Of course, as more of the internet is being run by bots, the likelihood of cyber attacks inevitably rises with this. The company recorded a massive DDoS attack that contained 16.5 million requests a second from over 392,000 distributed IP addresses.
The company’s words were, “bunny.net recorded its largest-ever Layer 7 DDoS attack during the reporting period, peaking at 16.5 million requests per second from more than 392,000 distributed IP addresses. The largest Layer 3/4 volumetric attack reached 4.2 Tbps. Both were mitigated at the edge without service degradation.
“Meanwhile, traditional web application attacks remain persistent. Injection attacks, including SQL injection, cross-site scripting (XSS) and remote code execution, accounted for 45.5 percent of all categorised web application firewall (WAF) blocks.
“Local File Inclusion attempts represented a quarter of all blocked attacks, while Log4Shell – despite being disclosed more than four years ago – still triggered more than 184,000 security events during the reporting period.”
Joe Connolly, Head of Content Delivery & Security, added, “The findings from this report clearly show that isolated, per-server security models are no longer fit for purpose against modern traffic patterns. When a large proportion of internet traffic is automated and attacks are increasingly distributed and machine-driven, we have to move security closer to where the traffic is generated and processed to prevent resource exhaustion, credential abuse, and application-layer exploits before malicious payloads reach backend infrastructure. Our goal is to make that level of protection available by default, so organisations can focus on building great online experiences instead of defending against increasingly automated attacks.”
So, we are clearly getting closer to the Dead Internet Theory becoming a reality. The concerning thing about this doesn’t just boil down to things like interacting with a bot instead of a human on a comment section. The real problem here is that the attacks that will come with the influx of bots becomes harder to avoid and/or handle. It’s imperative for organisations to tighten up and update their security measures before it’s too late.
