Cloudflare Radar’s 2024 Internet Year in Review
Presented by: João Tomé, David Belson
Originally aired on December 24 @ 11:30 PM - 12:30 AM EST
Explore the worldwide trends that shaped the Internet with Cloudflare Radar’s 2024 Internet Year in Review . Join Host João Tomé and Cloudflare Head of Data Insight, David Belson as they look at Internet trends and patterns across 2024.
We also discuss Robotcop and how content creators can prevent bots and crawlers from scraping their sites using a button in the AI Audit section of the Cloudflare dashboard.
Dive into the data yourself at the Cloudflare Radar Year in Review microsite
Read the blog posts:
English
Transcript (Beta)
Hello everyone and welcome to This Week in NET. It's our Friday the 13th 2024 edition and this is a special episode all about Cloudflare's Year in Review 2024.
We're coming to you directly from our Lisbon office, the library, the beautiful library.
So our Year in Review started in 2020, so this is a new edition with new sections.
We're going to talk to you about different countries, so this is a microsite we're going to show you in this episode, that microsite.
So we're going to show you trends all about our beautiful planet in 2024 and of course the Internet.
It's important to note that we're showing you trends throughout 2024 and also you can compare with 2023, so it's all about time.
And of course remember this is all about Cloudflare's data, so we have a global perspective and we're sharing that perspective with the general audience.
But first some trends regarding Friday the 13th.
The fear of Friday the 13th has a very specific name known as, let me try to say this, Perixcavia Dicatriophobia.
It combines superstitions about the number 13 and Fridays.
Some trace it to the Last Supper, where 13 guests gather before Jesus' crucifixion on a Friday.
Also worth mentioning that it was 50 years ago, on December of 1974, that FinServ, along others, released the first full specification of the Transmission Control Protocol, TCP.
This is a protocol very important to the Internet we have today.
On that note, this year we did a special episode all about the 50 years of TCP you can check in our show page.
Now for some trends.
This is a longer episode, first because it was a busy year on the Internet, but second because Cloudflare has a lot of data.
We want to go over some of the trends we saw in 2024 and we also mentioned in this episode Robocop.
A cool name, but in general is something that allows content creators to stop bots and crawlers to scrape their sites with a button in our AI audit dashboard.
On to the episode.
I'm your host, Ron Tomé, based in Lisbon, Portugal, and with me you have David Belson, our Head of Data Insights, based in Boston area, right, David?
Yeah, just a little bit north of Boston. So we work together a lot and Year in Review is one of those moments that is the summary, in a sense, of a lot of work during the year.
Different blog posts, different trends, different things that are on radar, that are observed in a different way, right?
How can we explain those who don't know what is Cloudflare Radar and it's Year in Review?
What are those two, in a sense?
Absolutely. So I think at a high level, Cloudflare Radar is basically a, I'll call it a portal for lack of a better term, from Cloudflare that helps us bring insights into the Internet to the general public.
And that can be just journalists, it can be network practitioners, security practitioners, just members of the general public who are interested in various topics.
By virtue of the global deployment and the global footprint that Cloudflare has, the millions of customers that we serve content for or protect, we're able to basically gather up a lot of what I call data exhaust from that usage, from those services.
We analyze it and then break it up by country or network, allowing end users to see trends across various topics, whether it's security, whether it's traffic, Internet quality, Internet outages, the adoption and usage of certain protocols, things like that.
So radar, they're organized across those various topics on radar.
And you can go in and look at them generally defaulting to a short period of time, like a week or a day on the metric.
So Year in Review, in an effort to bring that all together into one coherent interface and to provide a much longer term look to say, okay, over the last week on radar, it looks like this metric did this, but over the course of the year, it did that.
And maybe it's continuing to trend upward over the whole year.
Maybe it's trending upward earlier in the year, but now it's trending down.
So it's giving a longer term perspective on the health of the Internet, if you will, or the various vital signs that make up the Internet.
Exactly. You mentioned how Year in Review came about. It was in 2020, the first one.
So this is the fifth one, the 2024, the fifth one. And of course, every year there's additions, new sections, new perspectives, not only because radar has different sections, but sometimes the year is different for all sorts of reasons.
And we add stuff depending on what was the year about. Exactly.
Yeah. If you look back at the 2020 Year in Review from, I believe that John Graham-Cumming, who we report to, wrote it up.
And it was a fairly short post.
And actually it was mostly about, if I remember correctly, traffic shifts between cities.
It was a very granular look, because obviously at that point, we were sort of headlonging to COVID and people were moving about.
They're saying, okay, if I don't have to be in this office, I'm going to go live elsewhere, work elsewhere, if all I need is my laptop and a connection.
So we looked at how traffic had shifted in that respect.
And then the following year, which was days before I joined Cloudflare, I know it had expanded.
I know that was the first year, I believe, that you had drafted the Chop It Around Services post and we added that to the review.
In that year, I wrote two. It was the first time we wrote two. One, the typical Year in Review also focused on the pandemic and the changes between...
Right.
It was still very traffic-based and what I believe, what verticals or industries, I think, saw the most traffic over the course of the year.
So there was a focus on that.
And then 2022, 23 and 24, we've tried to sort of run that circle and incorporate more and more radar insights into the project.
Exactly. Makes sense. Let me showcase, in a sense, the microsite that we did this year.
It's quite similar to the one that we did last year in terms of visuals, but there's definitely new...
So this is Cloudflare Radar, for those who don't know, with a lot of different metrics here.
And we have here a very direct link to our microsite this year, Year in Review.
David, we added this year these summary cards, in a sense, that showcase a bit on some of the things that are highlighted in the report, right?
Right. Yeah, but it was a way to kind of bring the key findings for each section up top.
So if you see a key finding there about IPv6 adoption, bot traffic or whatnot, you can click on that card and it takes you right to the section.
So there, if you click on the Spain one there, it will bring you down to the Internet quality section, where we highlight the connection speeds, upload, download, and the latency measurements that we've done.
And in this particular case, because we're looking at it worldwide, ranking in the countries.
Exactly. And even, I think, this year, there was a big improvement in terms of user experience.
We have buttons to go up and down and explore the different sections.
This is a very typical section that we had since the beginning, the Internet traffic growth, in a sense.
Also, this is a global metric, but folks can explore different countries.
And this year, and why not talk about that right away, we can compare between countries, right?
Yep. Yeah. So last year, in 2023, we had a few of the line graphs, a few of the, I think, traffic-related graphs.
User had the ability to, or actually didn't have the ability, we, by default, showed a comparison with 2022.
We had heard from some folks that they'd really like to be able to compare metrics between countries.
And now, because we've also been doing this for several years, we've been keeping the metric definitions, we've been keeping the prior year's data sets as sort of backup.
So that enabled us this year to build in capabilities to compare both between geographies, so I can compare worldwide to a country, or I can compare two countries.
And then I can also compare 2024 to 2023.
So in some cases, you can compare both countries and year over year, and the graph gets a little busy, but you can also then clip to select what you don't want to see.
For example, I'm showing right now the United States with a clear growth in traffic, and also Morocco.
Morocco, we could see Ramadan here, and also one of the major holidays, religious holidays in June, which is not the case in the US.
Right. And there's a clear path in terms of growth, different between countries.
The summer dropped in late November, an increase, and people can definitely compare and see the differences between countries.
Right. And I know in the United States or worldwide, the shape was very similar year over year.
So we saw what I call a flat, it averages out to effectively flat through mid-year, and then it starts to grow more aggressively late summer.
And we saw that last year and the year before as well.
True. Continuing, this is a category, a section that we had also last year and two years ago regarding Internet services, where people can explore the different categories regarding social media, generative AI.
We have also a more complete blog post in terms of showing evolution between the different categories throughout the year.
And why not showing off the fact that this year, and this is a new thing, we have the by country perspective, at least in the overall perspective.
And I added Portugal because in Europe, this is something that we mentioned in the blog.
In Portugal and in Europe in general, Microsoft services are much more in the top 10 than they are in other countries.
So Europe and Portugal in this case appear to like Microsoft services in terms of rate.
Yeah, it was definitely interesting to see, when we looked at the country level top 10s, there was a lot of familiar faces across countries, but then certainly in some countries, you saw some more local sites and services.
Like if we look at South Korea, for instance, if I remember correctly, we see Navbar, there's a number four.
But other than that, it's still the other global platforms, but in some cases we have those more local services that pop into the top 10.
Makes sense. This is a very popular category as well, SpaceX, Starlink traffic trends.
News media outlets have been picking up last year and this year as well.
Everyone knows that Starlink continues to grow worldwide in different countries.
And we show not only the worldwide perspective, but also the by country perspective here, right?
Right. Yeah, it's definitely interesting for Starlink to see the growth, especially when the service is newly established there.
They're constantly turning up new geographies.
I believe if you go to Malawi, we saw some just absolutely massive growth there over the course of the year.
It had been activated, I believe in Malawi in late, I want to show you the last week of December last year.
And then so it starts almost at zero there.
And then it grows fairly quickly over the course of the year. I'm trying to think of the other country that we called out, Dex, where it had been activated, I think earlier this year.
And you see this almost vertical ramp once it becomes available.
I think it was Paraguay in a sense. Yes. Paraguay definitely saw a big jump.
Yeah, I can't remember. This was another one we called out that had a big increase.
If I remember the other one, I'll come back to it.
But sure. Let's continue. IPv4 traffic distribution. For those who are not using QuadOneWarp, they can play and zoom to their own IP address here.
Also see this landscape.
This is not new, but it's always... No, this one started out last year as a sort of almost a lark of a, you know, hey, it would be really cool if we had a perspective like this.
And one of the team members at the time who had done a lot of work with the Hilbert curves is like, I can pull that together.
And so, you know, much quicker than I expected, we wound up having a version of this.
So the interesting thing, you know, with no plots on it is seeing who owns the various address space through how it's distributed throughout the world.
There are even some, you know, as you're mousing over there, there are some address assignments that were made before the regional Internet registry system was in place.
So you'll find that that folks like AT&T and one of those, a car company, Daimler, I think, has a large block of addresses.
You know, but beyond that, it is, you know, if you look at it from a traffic perspective, oh, this is why it's not showing anything.
We have Paraguay selected.
So if you just do select Paraguay up top, yeah, this is very puzzled.
You'll see a perspective of where Cloudflare sees traffic from on the IPv4 Internet.
You know, and one of the, you know, interesting things there is that we see the highest concentration of request traffic from a set of Google IP space.
And that's, you know, we believe it's because that's where the Google box lives and they were just, you know, crawling, you know, the millions of, crawling the content from the millions of Cloudflare customers.
A technical, but interesting perspective and show how complex the Internet is in terms of networks and...
Yes, pretty much so. Yes.
This is a new addition, AI bot and crawler traffic specific. Raider added this section this year.
Yep, on birthday week. Yeah. So how can we emphasize this one specifically?
Yeah, I think it's really interesting just to see the different patterns.
A, the different patterns of the various crawlers that we look at here, but also just the the difference in, I guess, scale of the traffic that we see from these crawlers.
So, you know, you're looking at BiteSpider, which started out the year, you know, with a fairly significant amount of traffic, a significant amount of crawling traffic, but it appears to have sort of scoped down over the year.
Whereas CloudBot, you know, started the year a little more quietly and then became a lot more active in the late April, early May timeframe.
You know, had a big burst of crawling activity there and has been active, but sort of less so throughout the back half of the year.
And then things like GPTBot and OAISearchBot, ComplexityBot, I think, I don't think they are sort of actively indexing or crawling.
I think those come out a little bit more as a result of user requests.
So I want to assert, I'm asking my AI agent, my AI platform for information about something.
So it goes out and it looks on the Internet for, you know, information on whatever topic that is.
I think this is where we're seeing the remnants of there.
This is a very interesting topic in general, AI crawlers and bots for sure.
And we actually launched in recent months a product, MyAudit.
There's a blog post this week about that specifically, right? So we launched AIAudit several, a couple of months ago to give customers a better perspective on the various AI bots and crawlers that are consuming their traffic.
You know, giving them insight into what those, you know, what content are those AI bots and crawlers focusing on, what paths or whatnot.
And then this week, as you mentioned, we launched RobotCop, as I guess that's what we're calling it, to enforce a site's robot.txt file.
So in the robots.txt file, you can specify and say, hey, for these user agents, here's what you're allowed to do.
And in some cases, it may be that you say, you know, no particular user agent, let's say GPT bot, is not allowed to index or access anything on my site.
Whereas Google, and you can say, you know, I want you to access, you know, everything under slash blog, but nothing under slash admin or whatever.
So yeah, so this new feature enables Cloudflare to actually go read the robots .txt file and enforce the directives that are in there.
There's a button that does that, right?
Enforce robots.txt rules. This is really relevant for content creators, something that's close to us and a former journalist.
So a good topic to put here as well.
Let's move on to post -quantum encryption. This week, there was also a news article regarding Google and an advancement in quantum computing.
Yes. So, I mean, so BOSS obviously would be able to go into the details there.
From what I've read about it, I think that the nuances of the Google announcement were thoroughly lost in the coverage of it.
You know, I think what my understanding, at least from what I've read, is that what they announced is important, but is in no way an end game.
You know, I think PQ is still safe for several more years. You know, the interesting thing here with this metric is you can see that vertical ramp, basically, in April.
That was when Chrome version 124 enabled post-quantum encryption by default.
So that speaks to, in large part, the prevalence of the Chrome browser.
And you can see it continuing to increase over the course of the year.
You know, because we are looking at this as an average over the course of the year and smoothing it, you know, we come up with a 13% number, 13.5% number at the end of November here.
My understanding is that Google enabled PQ encryption by default on Chrome for Android actually last week.
So if you check the radar graphs, the global radar graph, post -quantum encryption, you'll see it's actually closer to 30% right now, or probably a little bit over.
So there was an uptick in recent days.
Yep. You can see right there last Thursday. So it was hovering previously around, you know, if you go out to like, say two weeks, you can see probably a little more starkly where it was previously around 20%, you know, 20, 15, 20%.
And then when that activation happened, now you start seeing it climb pretty significantly.
You know, and the interesting thing here as well in this graph is that you can still see the diurnal patterns.
So the sort of the, almost the day, night, you know, peaks and valleys, and then the weekend is obviously very clear as well.
Yeah. The weekend is lower because potentially there's less Chrome use over the weekend, potentially.
So this is always a good metric. I think most folks don't realize, but this encryption, post-quantum encryption is really relevant even because if quantum computers start to decrypt things, this will make sure that previous data is protected in a sense.
Right. That's the concern.
That's the driver behind the development of PQ encryption is that there may be entities now that are, you know, capturing and storing encrypted content, you know, so you have the, well, you still have the lock on your browser, but, you know, the capturing and storing that for potential decryption later.
So the fear is that in some number of years from now, when quantum computers are capable enough, you know, these entities will go through and decrypt everything.
And I guess then, you know, figure out what you bought on TMU back in December of 2024, because I'm sure that'll be terribly interesting back, you know, in 2020, in, you know, 2035.
And this is a nice one because we, this, you have a map, which gives a different perspective, iOS versus Android.
So not only we explain that 32.6% of traffic is from iOS devices, the rest is from Android.
Of course, we also have a ranking of countries where Android, in this case, or iOS people can select, has a higher percentage, and we've seen that, we've seen that, that sort of two thirds, one third breakout, you know, be reasonably consistent year over year.
The percentage has shifted a little bit between 2024 and 2023, but not, not in a, you know, not in a significant way.
So yeah, you can see, iOS has a slight, iOS went up a slight bit and Android went down a little bit.
You know, so I think we're hitting sort of a stasis point there where, you know, my suspicion is that unless, you know, either Android or Apple, you know, if the, the promise, you know, iPhone SE4 winds up being, you know, incredibly powerful and incredibly cheap, you know, maybe we'll see more of a shift next year.
But other than that, I think, you know, if you look at the map, what we're continuing to see is, is greater iOS adoption in countries that have, you know, stronger economies, more, more cash to spend.
Whereas the countries, many of the countries with, you know, lower per capita incomes are more heavily Android users.
Exactly. North of Europe, for example, the UK, Canada, US, Australia, Saudi Arabia, and Japan are definitely those, which is always interesting.
This is a new addition this year, the map here, and we also have a map here for HTTP versions.
In this case, 20.5 % of traffic uses HTTP3, which is an improvement from previous years and a good thing in terms of security online, right?
Yep.
And we make H3 available by default for our customers. Not all of them choose to use it, unfortunately.
But, you know, it is something that we have been active, actually, in the development of.
We have, you know, folks in the Cloudflare team that were active in the development of H3.
And, you know, as many, as we do with many new technologies, we, you know, try to make it available by default to really reduce the friction to enable customers to adopt it.
Makes sense. Also, a world map here.
We can see where the percentages of HTTP3 users is higher. Website technologies.
This comes from one of our cool tools on Radar. URL scanner. People can browse and see what specific sites use in terms of technologies and things like that.
And while doing the top 5,000 domains, we identify the popular technologies across categories.
Very different categories here, in a sense, right?
Right. Yep. Yeah. I mean, the category is in large part that URL scanner can identify.
So on URL scanner, there's a technologies page. So when you go and scan a site, we can figure out, you know, who is it using for advertising, you know, what JavaScript libraries have embedded in it and so on.
So we're basically going through and scanning, as you mentioned, the top domains and figuring out what those sites are using.
API, client language, popularity. Go is the most popular choice.
So this also shows a very specific API-related perspective. Now that we know that APIs are quite important these days regarding the Internet.
Right. Absolutely.
Yeah. I mean, when you use a mobile application, for instance, that is heavily API driven.
So it's, you know, the mobile front end is going back and making calls to an API endpoint, requesting all of the, you know, whether it's the latest social media posts or your stock prices or what have you, to consult the content in that interface.
Let's move on. Search Engine Market Share. It's a new addition. We have reports on Radar regarding Search Engine Market Share, but also browser usage.
This is the Search Engine perspective. People can also see in more detail where, which search engines are more popular by macOS, mobile, Windows.
So by its operative system, in a sense. And you can also break it out at a country level as well, across all those categories.
So for me, one of the interesting things in looking at this was, you know, okay, Google is, you know, basically the top search engine everywhere.
But it was the distribution of the second place search engine and the others that was really, I think, found to be different across multiple categories.
So like macOS, you see DuckDuckGo is the number two search engine, the privacy-focused search engine.
But then if you look at, say, iOS, that doesn't hold to be the same case.
You know, oddly enough on iOS, Baidu is the second most popular search engine.
And then Windows, of course, is Bing.
Exactly. But Bing with a much larger percentage than the second place finisher in the other categories.
Almost 11%. Browser Market Share, also an interesting one with the same types of perspectives in terms of iOS, mobile, Windows, as you were saying.
For example, Safari here is, for example, on macOS has almost 40%, which is a lot compared with the other general metrics.
Right, but on iOS, it flips.
So, you know, and Safari, because Safari is the default browser, you know, people just, okay, I'm just using Safari.
Exactly. Quite different in the overall perspective, where Safari only has 60%.
Internet outages, this is something close to your heart, specifically.
There was an increase compared with the previous year in terms of major Internet disruptions globally, and people can explore these very specific outages over the year in this timeline, which is really cool.
And there's also mentioned here that government directed was number one.
Journalists have picked up on this as well. And what is the main thing we should emphasize about this?
Oh, boy, so many things, you know, I think one is, yes, we saw over 220, you know, outages over the course of the year.
Those were just the ones that we tracked.
There were other outages that, you know, either we saw, you know, in our anomalies feed, but weren't able to identify root cause for.
Generally, the ones we're tracking here are the ones where we know it happened because of a cable cut or because of a government shutdown or things like that.
There are others where, you know, we see a drop in traffic over a couple hours or whatnot, and we don't know why it happened.
I think the other thing to take away here is that, you know, government shutdowns are I'm sorry, government directed Internet shutdowns are unfortunately still all too common.
You know, they're being used in cases where the government wants to suppress communication, say, around post after election, for instance.
Maybe they want to suppress the spread of misinformation or what they claim, at least.
In some cases, they shut down the Internet in cases where there's riots or other unrest.
So, obviously, they want to prevent people from communicating and organizing.
But what we saw a lot of this year across multiple countries still is government directed Internet shutdowns that are intended to prevent cheating on the national exams.
So, you know, in some of these countries, they have these national exams.
They take place, you know, every day for a period of several weeks. Then maybe separate sets of exams.
They take place in June and July and September. So what we see is a lot of these individual shutdowns, like in Syria there or Iraq, you know, where there are these multiple multi-hour shutdowns over the course of several weeks.
You know, and whether or not they're effective in preventing cheating on exams is still not entirely clear.
Sure. But that continues to happen for a number of years now.
Yes. IPvC adoption, IPv6 adoption, specifically here.
Also something important regarding the Internet that people can explore. We've been a big, big IPv6 supporter and have been basically for all the years that Cloudflare's been around.
Exactly. Since the beginning. Internet quality, a relevant one.
We already mentioned this one, mobile versus desktop with mobile gaining traction over the year.
And it's quite cool for us to also have a map here showing, for example, Africa, South America and different countries in Asia, India as well, that had a higher percentage of mobile device usage in those countries, which is kind of cool to see the globe in that perspective.
Yep. Absolutely.
TCP connection anomalies. This is relevant and recent, right? We added this.
Yes, we launched this. We'd originally launched it in September 2023 in conjunction with a presentation that folks from our research team collaborated with slide researchers on.
And then there was some additional work we had to do on it. So we wound up launching it again just ahead of birthday week this year.
And what this shows, this is a little bit more of a complex metric in terms of explanation.
But the idea here is that when a connection between a client and the Cloudflare server happens, there's, you know, when you have a TCP connection, there's what they call a three -way handshake.
And if the connection winds up basically being reset or times out unexpectedly at some point during that handshake, we can identify when that happened.
So we have the three stages in the legend there. And then the signatures that we see based on what happened and when it happened can give us some insight into what might've been causing that.
So, you know, at the risk of going into a round hole, I'd say just, you know, if you're interested in that, you know, read the blog posts.
They really do a great job at explaining the data and the concepts behind it.
Like I said, mitigated traffic. This is regarding potential attacks, WAF, mitigate and manage rules, and also DDoS, quite important.
And people can also explore the country perspective here.
Bot traffic sources. The bots continue to be relevant as we see in terms of this percentage.
68% of global bot traffic comes from top 10 countries.
Half of which comes from the U.S. Exactly. The U.S. is quite high there in the list.
Also, we have bot traffic share by autonomous system.
So which autonomous systems have the most bot traffic? And in this particular case, you see that the cloud providers are among the top autonomous systems there.
And to be clear, this is, you know, ultimately both good bots and bad bots.
Exactly. So, you know, cloud providers certainly provide a comfortable platform for a bad actor to go and say, I'm going to spin up a, you know, a VM on AWS.
I'm going to do my, you know, do my malicious deeds and then I'll rip it down and move on.
So it's sort of more ephemeral. But then you also have, you know, good bot providers, you know, crawlers or, you know, indexers or performance testers or things like that.
They may also be using the cloud provider infrastructure.
So this autonomous system perspective ultimately incorporates both good and bad bot activity.
Exactly. Also a popular one, most attacked industries, gambling and games organizations were the most targeted in 2024.
And they just barely eked out ahead of finance.
You'll see it in the table there. They both have the same 6.6% share, but those just do the rounding.
So gambling and games came out just slightly ahead.
Sure. It makes sense. Those are two industries in a sense. Right.
That are known to be a target. Commonly exploited vulnerabilities, log4j still being actively targeted.
That was a surprising one to see. You know, we covered that last year.
We saw that last year. And then when we looked at it again this year and saw, you know, we still see that it's so significantly ahead.
The amount of traffic that we're seeing for it is so far ahead of even aggregated, you know, traffic for authorization bypass and remote code execution vulnerabilities.
This is literally a three-year-old vulnerability.
Yeah. And it's still, you know, the presumption is that there's still some success in exploiting it because, you know, I think attackers, when they stop seeing success, when they stop getting value out of it, they move on.
True. But clearly that's still the case. I remember in December 2021, I was...
Right, you had just started. Yeah. Yeah. And I remember a blog post being written explaining what we were going to do.
And I could see that was quite important and relevant, but I was not expecting that three years after it was still being here.
So... Yeah, I think we published five or six posts over the course of like three days on that vulnerability.
We did. Routing security, also an important thing for the Internet.
Yes. RPKI, a valid IPv4 routes in 2024.
So the idea here basically is, you know, that a network provider, basically what they call signs, you know, with some cryptographic attribution that says, these are the network paths that belong to me and I should be the one announcing them.
So ultimately, if you, you know, telling other network providers, you know, if you see somebody else announcing these network paths, that's bad.
And don't, you know, don't accept them and really don't share them. So we're seeing more and more adoption of RPKI, the routing public key infrastructure technology across the Internet.
6.4% increase in 2024. It would be better if that number was higher, of course.
Obviously, yeah. But there's still a lot of work to do.
But the fact that more than half is assigned right now is an important milestone, to be honest.
This also shows how Kaufler has different product. In this case, it's related to Kaufler email security.
Right. And we saw that in 2024, 4.3% of emails are malicious.
It was higher than in the previous year, 2023, which was around 3%, if I'm not mistaken.
I think so, yeah. Yeah, I think this was actually brought higher probably by those spikes in the spring.
True, true. Top email threats with 43% of malicious emails contain a deceptive link.
Also really relevant these days and in previous days.
Knowing that phishing is continues to be one of them.
Right. And it's funny seeing, you know, just seeing the stat and having worked with it over the last several weeks, it makes me just much more suspicious and much more paranoid, you know, when I get emails and I'm looking at things going, okay, yeah, you know, is this really a shipment, you know, alert from something I bought the other day?
Or there was an email I got yesterday about a settlement from some data breach.
And it's like, okay, is this legit? You know, click here.
It's like, I don't know, you know, I probably should have stuck the URL into URL scanner, but I didn't.
But yeah, it's definitely something where it's still, email is still a very effective front door into a organization.
It is. Most observed TLDs in this case with .bar originated large share of malicious and spam email.
And...
Yeah, you know, just there's been, I mean, I've been sort of, I don't even know what to say, you know, sort of on the outskirts of the new TLD space, since ICANN started back in the late 90s, and, you know, paid attention to it, went to the first ICANN meeting.
But, you know, so many of the new TLDs, especially these GTLDs, don't have a clear use case.
You know, .bar and .rest are actually, they were spun up by a hospitality organization, I think, for the use of, you know, for use by bars and restaurants.
Like, okay, but, you know, they see some usage.
I think they both, I think the mission of the blog post to have on the order of 20,000 registered domains under them or something like that.
But, you know, they're not seeing widespread commercial usage.
I think what they're really, mostly has happened is that they're hijacked by, you know, bad actors to send spam or to send phishing, you know, malicious phishing emails.
Makes sense.
Before we go, let's show first the blog post that we wrote to invite everyone to read them, because there's a lot of trends, very specific trends on U.S.
elections, on Twitter, ChatGPT increased during the year, Starlink growth in different areas, outages very relevant in specific countries that people can definitely explore in a sense.
But also to give folks a perspective, this is the General Colfer 2024 Year Review blog post with the key findings.
What are the things that we didn't mention so far that you think are relevant this year that people can check?
I think we basically hit, you know, basically all of it. I think, you know, for me, you know, in writing the blog post, you know, there's just so much under the covers of the year review that, you know, I basically have to pick, you know, small tidbits here and there.
But for me, I think the value is really encouraging people, you know, read the blog post, you know, get a high level of review, what we thought some of the key findings were.
But more importantly, go explore it for your country or go explore it for a country of interest.
Go explore it and compare it to last year.
I think that's where the real value of the year review lies, is to really, for each user, to sort of almost customize their experience based on their interests.
Makes sense. This is the Internet service one, which has the categories folks can explore here.
Something that is not on the microsite in a sense, which is the evolution throughout the year, which ones were top and which ones were on a downward perspective, with chap GPT highlighted here and also GitHub co-pilot making.
Yeah, that definitely has taken off this year as well.
And it was actually a really interesting article. Oh, it was in the New Wired magazine.
Actually, it was an article about Microsoft's comeback and they talked about their work with open AI and how that technology got wind up getting integrated into what became GitHub co-pilot.
Also mentioned here, Blue Sky and Treads, really far still from the levels of the main social media categories, big names, but appearing already, especially in November, in the top 20 of social media, e-commerce, Temu growing.
And I want to also mention the US elections where we saw very specific news outlets growing in our list regarding that.
And here, this chart actually shows how BBC, New York Times, CNN, Fox News, all rose on November the 5th.
Right around election day. Exactly, exactly. So a lot to explore in those two blocks for sure.
Before we go, what can people expect of Radar and of your review for 2025, if we can at least give a perspective there?
I have to look into my crystal ball.
Yeah, no, we're starting to work on a roadmap for 2025.
So from a Radar perspective, want to bring more tooling to Radar. So not only adding more datasets, but also bringing more functional tools to Radar.
I think we found certainly that with the URL scanner helped us drive a lot of traffic to the site.
So what other important sets, what other important kinds of tools can we add to Radar that people would use on a regular basis?
So we've got a list there that we're working through.
We'll be rolling out some DNS insights shortly based on aggregated resolver traffic.
So we got some of the stuff that was analyzed for the top Internet services post.
We'll be analyzing in a similar way for Radar. We're also going to be putting together an AI-centric page.
So taking the AI traffic that we just reviewed, and it's on the traffic page on Radar and bringing it onto its own page along with insights into robots.txt files that customers have or that sites have and what they say with respect to what the AI crawlers can or can't do in those sites.
For your review 2025, probably not too early to start working on that.
I know there's an opportunity to add more content around denial of service attacks and more security, more security related metrics.
I think we'll find more opportunities over the year, certainly as we have more content to Radar, but also to think about can we also include highlights from that on your review?
Makes sense. I'm always surprised on how much different aspects of the Internet we can see.
How much it summarizes the year, how much it actually sees relevant event related information, something happened, a new service appeared.
We can actually see a lot. And it's quite interesting to see the dimensions that Cloudflare has in terms of observability, which is quite interesting.
Always surprised there specifically.
Absolutely. Oh, well, this is a lot in terms of work and also process.
So let's also thank everyone in the team that so much in all of these areas, in a sense.
Yes. The team has done a phenomenal job with your review since I've been involved with it.
Every year it keeps getting better.
I think we've got talented folks on the team. And I think we've also got, as we're building up those more years of experience, we've got stable definitions, we've got better processes around archiving data and things like that.
So this was great.
Thank you.