When the world logs off: Christmas, New Year’s, and the Internet’s holiday rhythm
As January approaches and the year comes to a close, distinct changes in global Internet usage emerge. Year-end traditions — ranging from Christmas feasts to New Year’s Eve (NYE) countdowns — shape online behavior across continents and cultures. Looking back at Christmas and NYE 2023 offers insights into how these trends may repeat this year, and by January 2025, we’ll be able to directly compare patterns. Examining data from 50 countries and regions reveals how people celebrated in 2023-2024, providing a timely reminder of typical holiday trends.
With Cloudflare’s global reach, we observe planet-wide and local Internet habits during the holiday season. In the past, unintended trends during Christmas and New Year’s Eve have surfaced through our Outage Center, which uses automatic traffic anomaly alerts to detect Internet outages or unusual patterns. In the 2023 overview below, traffic dropped enough on those days to trigger dozens of anomaly alerts (orange and pink bubbles):
While Christmas dominates in many regions, other cultural and religious holidays — like Hanukkah or regional festivities — shape online rhythms in places where Western traditions are less central.
In countries and regions where Christmas is deeply rooted, Internet traffic slows during Christmas Eve dinners, Continue reading
Grinch Bots strike again: defending your holidays from cyber threats
Back in 2021, we covered the antics of Grinch Bots and how the combination of proposed regulation and technology could prevent these malicious programs from stealing holiday cheer.
Fast-forward to 2024 — the Stop Grinch Bots Act of 2021 has not passed, and bots are more active and powerful than ever, leaving businesses to fend off increasingly sophisticated attacks on their own. During Black Friday 2024, Cloudflare observed:
29% of all traffic on Black Friday was Grinch Bots. Humans still accounted for the majority of all traffic, but bot traffic was up 4x from three years ago in absolute terms.
1% of traffic on Black Friday came from AI bots. The majority of it came from Claude, Meta, and Amazon. 71% of this traffic was given the green light to access the content requested.
63% of login attempts across our network on Black Friday were from bots. While this number is high, it was down a few percentage points compared to a month prior, indicating that more humans accessed their accounts and holiday deals.
Human logins on e-commerce sites increased 7-8% compared to the previous month.
These days, holiday shopping Continue reading
Global elections in 2024: Internet traffic and cyber threat trends
Elections define the course of democracies (even as there are several types of democracies), and 2024 was a landmark year, with over 60 countries — plus the European Union — holding national elections, impacting half the world’s population. As highlighted in Pew Research’s global elections report, this was a year of “political disruption,” where the Internet was a relevant stage for both democratic engagement and cyber threats.
At Cloudflare, with our presence in over 330 cities and 120 countries and interconnection with 12,500 networks, we’ve witnessed firsthand the digital impact of these elections. From monitoring Internet traffic patterns to mitigating cyberattacks, we’ve observed trends that reveal how elections increasingly play out online. As detailed in our just-published Cloudflare Impact report, we’ve also worked to protect media outlets, political campaigns, and help elections worldwide.
Here’s the map of countries with national elections that took place in 2024, from our elections report.
We’ve been monitoring 2024 elections worldwide on our blog and in the 2024 Election Insights report available on Cloudflare Radar.
In terms of Internet patterns, we’ve observed how cyber activity in 2024 continues to intersect with real-world events. Online attacks are clearly a significant part of elections, Continue reading
Merry Christmas And Happy 2025 Year
Dear friends,
We wish you nothing but the best in the upcoming 2025 year. May the health, wealth and joy accompany every your day.
Sincerely yours,
Team Karneliuk
Running Cisco CML in Proxmox
For the past few years, I’ve been running all my virtual machines on VMware Workstation Pro, installed on Windows 11. While it worked well for the most part, there were a few recurring issues. Windows would occasionally reboot to install updates, and when it did, my VMs would go down with it. This dependency on Windows to keep my VMs running became frustrating. Recently, I switched to Proxmox, a type-1 hypervisor, and the difference has been night and day.
In this blog post, we'll go through how to install Cisco CML (specifically CML 2.8 Free Tier) on Proxmox. If you're looking to install Cisco CML on VMware Workstation, check out my other blog post linked below.
Cisco CML Free Tier (No Kidding)
My initial reaction was, ‘Cisco giving something away for free? That can’t be true!’ But it turns out, it is. I couldn’t wait to try it. I believe it’s limited to five nodes, but I’ll take it.
Suresh Vina
Download the Cisco CML Image
Head over to the Cisco download page and select CML (2.8 Free Tier). You need a Cisco account, which is easy to create. Once you create the account and log Continue reading
RFC8277 breaks backwards compatibility
A quick public service announcement for anyone implementing BGP-LU or deploying it in a multivendor environment.
What is BGP Labeled Unicast
Originally, BGP was designed to advertise IP prefixes. Then [RFC2283] (obsoleted by [RFC4760]) defined Multiprotocol …
HN762: A Network Automation Roadmap
Once you get past a handful of Python scripts, network automation can be…daunting. If you want to make network automation process-driven, repeatable, reliable, and something that doesn’t just rely on your scripts and the knowledge inside your head, there’s an entire landscape that opens up before you. Have you thought about network discovery? How about... Read more »Hi Claude, build an MCP server on Cloudflare Workers
In late November 2024, Anthropic announced a new way to interact with AI, called Model Context Protocol (MCP). Today, we’re excited to show you how to use MCP in combination with Cloudflare to extend the capabilities of Claude to build applications, generate images and more. You’ll learn how to build an MCP server on Cloudflare to make any service accessible through an AI assistant like Claude with just a few lines of code using Cloudflare Workers.
MCP is an open standard that provides a universal way for LLMs to interact with services and applications. As the introduction on the MCP website puts it,
“Think of MCP like a USB-C port for AI applications. Just as USB-C provides a standardized way to connect your devices to various peripherals and accessories, MCP provides a standardized way to connect AI models to different data sources and tools.”
From an architectural perspective, MCP is comprised of several components:
MCP hosts: Programs or tools (like Claude) where AI models operate and interact with different services
MCP clients: Client within an AI assistant that initiates requests and communicates with MCP servers to Continue reading
Bring multimodal real-time interaction to your AI applications with Cloudflare Calls
OpenAI announced support for WebRTC in their Realtime API on December 17, 2024. Combining their Realtime API with Cloudflare Calls allows you to build experiences that weren’t possible just a few days earlier.
Previously, interactions with audio and video AIs were largely single-player: only one person could be interacting with the AI unless you were in the same physical room. Now, applications built using Cloudflare Calls and OpenAI’s Realtime API can now support multiple users across the globe simultaneously seeing and interacting with a voice or video AI.
Here’s what this means in practice: you can now invite ChatGPT to your next video meeting:
We built this into our Orange Meets demo app to serve as an inspiration for what is possible, but the opportunities are much broader.
In the not-too-distant future, every company could have a 'corporate AI' they invite to their internal meetings that is secure, private and has access to their company data. Imagine this sort of real-time audio and video interactions with your company’s AI:
"Hey ChatGPT, do we have any open Jira tickets about this?"
"Hey Company AI, who are the competitors in the space doing Continue reading
Boat build phase – Part3
When I went of in search of warmer climates in Australia I moored up at the Aylesbury Canal Society on the Grand Union’s Aylesbury arm. As fortune dictated the weekend before I got back a lock on the arm collapsed meaning I was going to be stuck there for sometime so decided to be productive and try and finish off the interior of the boat.
IPB166: Reflections and Projections for IPv6 in 2024 and 2025
In this end of-the-year episode of IPv6 Buzz, we review the significant developments in IPv6 throughout 2024 and share projections for 2025. We discuss the introduction of a new documentation prefix, analyze IPv6 usage statistics, and review No NAT November. For 2025, we explore the possibilities of updates to RFC 6724 and global adoption of... Read more »NAN081: We’re Going To Talk Python To You
On today’s episode, we’re going to talk Python. Host Eric Chou is joined by Michael Kennedy, the founder of Talk Python Training and host of the Talk Python To Me podcast. The discussion covers the evolution of Michael’s podcast and training business, the impact of platforms like TikTok on learning, and the importance of community... Read more »From Python to Go 008. Object Oriented Programming Or Build Your Own Network Switch.
Hello my friend,
So far we have covered almost all possible data types in Python and Go (Golang), at least the ones we are going to use ourselves for network automation. One of these data types, which we have introduced in the previous blog post, that is object/class or struct, has without overestimations enormous importance as it opens for us doors into object oriented programming. As doors are opened, let’s enter them.
Festive Time Is Here… Make Sure You Make Most Of It.
Meaning, apart of spending time your family and friends, cooking, eating and dancing, you also study network automation with our trainings!
We offer the following training programs in network automation for you:
- Zero-to-Hero Network Automation Training
- High-scale automation with Nornir
- Ansible Automation Orchestration with Ansble Tower / AWX
- Expert-level training: Closed-loop Automation and Next-generation Monitoring
During these trainings you will learn the following topics:
- Success and failure strategies to build the automation tools.
- Principles of software developments and the most useful and convenient tools.
- Data encoding (free-text, XML, JSON, YAML, Protobuf).
- Model-driven network automation with YANG, NETCONF, RESTCONF, GNMI.
- Full configuration templating with Jinja2 based on the source of truth (NetBox).
- Best programming languages (Python, Continue reading
The role of email security in reducing user risk amid rising threats
Phishing remains one of the most dangerous and persistent cyber threats for individuals and organizations. Modern attacks use a growing arsenal of deceptive techniques that bypass traditional secure email gateways (SEGs) and email authentication measures, targeting organizations, employees, and vendors. From business email compromise (BEC) to QR phishing and account takeovers, these threats are designed to exploit weaknesses across multiple communication channels, including email, Slack, Teams, SMS, and cloud drives.
Phishing remains the most popular attack vector for bad actors looking to gain unauthorized access or extract fraudulent payment, and it is estimated that 90% of all attacks start with a phishing email. However, as companies have shifted to using a multitude of apps to support communication and collaboration, attackers too have evolved their approach. Attackers now engage employees across a combination of channels in an attempt to build trust and pivot targeted users to less-secure apps and devices. Cloudflare is uniquely positioned to address this trend thanks to our integrated Zero Trust services, extensive visibility from protecting approximately 20% of all websites, and signals derived from processing billions of email messages a year.
Cloudflare recognizes that combating phishing requires an integrated approach and a more complete view Continue reading
DSNS Nameservers
It's common folklore in the Domain Name System that a delegated domain name must be served by 2 or more nameservers. This guidance raises a couple of questions. Firstly, when presented with a list of nameservers for a domain how do recursive resolvers respond? Do they send queries to all of the nameservers at once? Or do they serialise their actions in looking for a responsive nameserver? Secondly, if these queries are serialised, then how can a domain administrator organise the zone’s nameservers to maximise both DNS resolution performance and service resilience?D2DO261: Year in Review: Peak Serverless, K8s Complexity, DevOps Sprawl (and What’s Next)
Join us today for a look back at this year’s developments in cloud security and DevOps. We ask if serverless computing has peaked, why Kubernetes continues to be so hard, whether cloud repatriation is a real trend, and whether the DevOps role has become too darn big. We also explore the future of cloud computing,... Read more »HS091: The Game Has Changed: Security Strategy After Salt Typhoon and the Pager-Bomb Hack
Recent events have driven home a simple fact: neither your devices nor your network services can be trusted totally, and they could all be turned against you, possibly fatally. Join us as we discuss the harsh realities of the evolving cybersecurity space, and how enterprise leaders in and out of IT need to change their... Read more »