Bots’ efficiency and consistency can also be useful for taking care of non-commercial routine tasks. For example, the DoNotPay bot is a service bot that helps users cut red tape, automating the process of contesting parking tickets online in cities around the world (Mannes, 2019). The bot saves users time by automating the rote legal process, making it quicker and easier to contest tickets; it has saved users millions of dollars in fines since it launched (Johnson, 2016).
Crawlers/spiders
As we saw in the previous discussion of 1990s bots, automated agents are also extremely useful for collecting and organizing large bodies of data and information. For example, during the 2014 mayoral race in the Taiwanese city of Taipei, bots enabled data analytics companies to gather real-time data on voter preferences and reactions to candidates’ campaign messages (Liu, 2019; Monaco, 2017). These infrastructural, non-social bots, which often operate quietly in the background, passively surfing websites and gathering information, make up the bulk of bot activity online. When several cybersecurity firms recently reported that bot traffic exceeds human traffic on the web (Imperva, 2020; LaFrance, 2017), they did not mean social troll bots intended to sow political chaos on Twitter. As we have seen, there are many types of bots. When reading reports like these, readers must play close attention to the context in which the word “bot” is used: in these reports, “bot” mainly meant crawlers and spiders, which “are an infrastructural element of search engines and other features of the modern World Wide Web that do not directly interact with users on a social platform, and are therefore considerably different than automated social media accounts” (Gorwa & Guilbeault, 2018).
Spambots
As we saw above, spambots are computer programs that send out tens of thousands of messages or emails, often intended to draw users into malicious scams or to sell low-profile products. Some spambots function like crawlers, trawling the internet, looking for accessible comments sections to load up with spam or scraping webpages for email addresses to spam with emails. Examples of these crawler-type email scrapers include the ActiveAgent and RoverBot examples discussed in the previous section (Hayati et al., 2009; Leonard, 1997b pp. 140–148). Other spambots target social media sites, overloading users with malicious links or product promotion (Keelan et al., 2010). While spam is normally aimed at making money rather than disseminating political messaging, networks of social spambots can be reappropriated for political messaging with the flip of a switch (Monaco, 2019a; Thomas et al., 2012).
Cyborgs
The “cyborg” bot is a hybrid type of bot that does not fit perfectly into any of the previous categories. Cyborgs are a special form of social bot – automated accounts on social media that can be thought of as “bot-assisted human” or a “human-assisted bot” (Zi et al., 2010). However, the line between fully automated bot and cyborg bot is fuzzy, for it has “never been clear exactly how much automation makes a human user a cyborg, or how much human intervention is needed to make a bot a cyborg” (Gorwa & Guilbeault, 2018).
Since cyborgs are partially controlled by humans, they leave different, less predictable activity signatures than normal, fully automated bots. For this reason, they are often able to slip through social media companies’ cybersecurity and bot detection algorithms. In the past few years, they have become increasingly common as a tool for political messaging (Woolley, 2020a, p. 85); for example, during the 2019 US Democratic presidential primary debates, one cyborg called the YangGang RT bot retweeted mentions of candidate Andrew Yang (Monaco, 2019b). Another recent form of cyborg political activism and campaigning is the “Volunteer botnet” – the willing temporary donation of one’s social media account to be used as a bot for political campaigning (Woolley & Monaco, 2020). We’ll cover cyborgs in greater depth in our chapter on political bots.
Zombies, or compromised-device bots
A relatively unfamiliar type of bot for the general public is the “zombie” device – any internet-connected device (computer, phone, fridge, smart TV, etc.) that has been hacked and is controlled by a malicious hacker. These “zombie” devices can become nodes in bot networks, sending out billions of spam emails per day or overloading target servers and websites in what is known as a distributed denial of service (DDoS) attack (Rodríguez-Gómez et al., 2013). Indeed, most DDoS attacks are carried out using botnets of compromised devices. This meaning of the term “bot” became common in the 2000s (Yang et al., 2014).
Lots of bots – botnets
Automated agents often work in concert with one another in “botnets” (short for “bot networks”) – a network of computer programs that work together to accomplish the same goal. The networked bots’ functions need not be identical: often, the bots in a network perform complementary functions (Cresci, 2020). For example, imagine a small network of Twitter bots that promote the hashtag #TacoTuesday on Twitter. The network might have 100 bots split evenly into seeders and promoters, with the 50 seeder bots dedicated to sending out pre-composed tweets that include the hashtag #TacoTuesday and the remaining 50 promoter bots used to retweet and like posts from the seeders. None of the 100 bots necessarily need to follow each other in order to be considered a botnet – they only need to be working toward the same goal. This group of 100 bots is therefore a botnet, for they share the common goal of promoting #TacoTuesday.
Botnets are not necessarily networks of social bots, like our #TacoTuesday botnet. The word botnet is also used to designate a network of compromised devices – the zombie bots described above. When a hacker gains administrative access to a computer, it can use that computer to perform any task, often without the owner’s knowledge. (Here, we mean “computer” in the broadest sense: any internet-connected device capable of receiving and carrying out instructions.) When a large number of these compromised internet-connected devices are networked together, a single hacker has a surplus of computing power that they can use to do whatever they want: steal the computer owners’ private information, exploit the spare computing power to make money by mining cryptocurrencies (cryptojacking), or use them to crash targeted websites via distributed denial-of-service, or DDoS, attacks.
DDoS attacks work by vastly overloading a website, driving so much traffic to it that its infrastructure collapses – imagine 10,000 cars all trying to get off of a one-lane highway exit at once, or a lecture hall of 1,000 students all asking the professor a question at the exact same time. These DDoS attacks have gotten larger and larger, driving larger and larger amounts of traffic to sites via botnets, because there is an enormous and growing pool of devices available for compromise: the rapidly growing Internet-of-Things (IoT). IoT is a term used to describe internet-connected devices that we may not traditionally think of as computers – DVD players, refrigerators, smart doorbells, laundry machines, TVs, cars, drones, baby monitors, etc. Because these internet-connected mundane household appliances are rarely designed with cybersecurity in mind, they are far too easy to compromise and turn into botnets. For example, in 2016, the Mirai botnet used over 400,000 internet-connected devices to bring down servers at the French web hosting service OVH and the web application company Dyn. The attack disrupted the services of several popular websites, including Amazon, Netflix, the New York Times, and Twitter. (Most of the compromised devices were hacked using a list of just 62 default usernames and passwords commonly used on IoT devices (United States Cybersecurity & Infrastructure Security Agency, 2016).)
Misnomers and Misuse
As