Eric,

This is a thing.  It's really damaging for a lot of institutions. And, as you note...it's not well understood in terms of extent.  I decided (sort of on my own) that it could be helpful to get our arms around that extent and so built a quick survey.  It's only gone to "known" communities in my world.  But if you'd be willing to fill it out, I'd be grateful.  Several of the questions are about "would you be interested in some more formal gathering" and so far the results are almost universally "yes."  I think there is room for us to better map out what's working, at what cost, on which systems.  And share.  See below...

____________

Apologies for cross-channel distribution:

Has your institution been suffering from bots scraping your systems? Does it feel like a DDOS? Is it having an impact on your services and staff?

All of these are true for the UNC Chapel Hill University Libraries. Through informal and semi-formal channels, we are aware that these are not isolated incidents. 

We are interested in getting a better understanding of extent and impact.

Please take a moment to fill out this survey. It should take less than five minutes. (Note that all questions are optional. And if you do provide identifying information, you may opt out of further engagement.

https://forms.office.com/r/2r0MzE4zuw

If you are a part of a community that may be affected, please feel free to share and encourage participation.

Do not hesitate to contact me with questions or concerns.

Thank you,
Tim Shearer
AUL For Digital Strategies and IT
UNC Chapel Hill, University Libraries

-----Original Message-----
From: Code for Libraries <[log in to unmask]> On Behalf Of Eric Blevins
Sent: Wednesday, March 26, 2025 7:27 AM
To: [log in to unmask]
Subject: [CODE4LIB] Bot scraping/DDoS against ILS and discovery layers

[Some people who received this message don't often get email from [log in to unmask] Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]

Good morning,

First time posting to Code4Lib, but have been a watcher for several years. I'm curious from strictly a numbers standpoint how many libraries might've been impacted recently (say the last couple of weeks or so) by massive bot harvesting of data, basically resulting in a DDoS attack, against your ILS, Discovery Layers, or other systems. I'm actually also curious if non-Innovative/Clarivate product libraries are seeing similar issues. We are an innovative/Clarivate product shop, so we have some awareness that others with those products were impacted. Again, aside from curiosity if you're a non-Clarivate shop, I'm not looking for specifics just wondering about the scope of the attacks against other institutions/orgs.

Regards,

Eric C. Blevins
Sr. Manager of Library Technology
RIT Libraries
Rochester Institute of Technology
Email: [log in to unmask]<mailto:[log in to unmask]>