Cloudflare won’t stop providing services to Russian organisations, rebuffing calls from Ukrainian officials and activists who say the company is getting in the way of cyberattacks meant to protest Russia’s invasion.
Cloudflare sells software that stops distributed denial-of-service, or DDoS, attacks, a basic form of malicious cyber activity that attackers use to overwhelm websites with traffic. US officials said last month that Russian-sponsored attackers used DDoS attacks to render Ukrainian government and bank websites inaccessible, complicating Ukrainians’ ability to access basic civic and financial information.
Ukrainian technology executives are now calling on US providers to stop protecting Russian organisations from the same attacks.
“DDoS protection should not be given to Russia in any way, shape or form,” said Andrii Bezverkhyi, CEO of the security firm SOC Prime.
Matthew Prince, Cloudflare’s CEO, wrote in a blog post that the company will continue providing services that help Russian sites remain online, while making adjustments to adhere to US sanctions. Russian citizens need “more Internet access, not less”, Prince wrote.
A range of Russian websites rely on Cloudflare services in various capacities. The pro-Kremlin news website Pravda.ru, which on 28 February published an editorial questioning the legitimacy of Ukraine’s borders, uses a Cloudflare proxy service that aims to mitigate attacks, according to a review of the domain lookup sites Hosting Checker and Selesti.
Disinformation sites
Meanwhile, sites that spread disinformation about Russia’s invasion of Ukraine use Cloudflare’s content delivery network to quickly load Internet pages, as well as Cloudflare DNS, which is marketed as a service that provides “advanced security with built-in DDoS mitigation” techniques.
They include news.ru, topwar.ru and donbasstragedy.info, which purports to be run by human rights advocates in eastern Ukraine, but was actually covertly created by a Russian intelligence agency and has spread false allegations about genocide committed by the Ukrainian military, the Washington Post reported.
Cloudflare didn’t respond to follow-up questions about its purported Russian clients. A search of the domain database Who.is indicated use of Cloudflare by news.ru and topwar.ru. Cloudflare also supports donbasstragedy.info, according to Hosting Checker and Selesti.
The company’s announcement comes amid growing pressure on US technology companies to stop their work in Russia. Apple, Microsoft, Google and Netflix are among the firms that have announced that they are curtailing business there.
On 28 February, Ukraine’s minister of digital transformation, Mykhailo Fedorov, asked Cloudflare to stop providing Web resources to the Russian government, saying that would “help stop outrageous military aggression”.
Since then, others have pressured the company to do the same. Yegor Aushev, co-founder of Kyiv-based cybersecurity company Cyber Unit Technologies, is helping organise a makeshift Ukrainian coalition of hackers that has carried out cyberattacks targeting Russian government assets. He said in an interview he wants the US to block American companies from providing such services to Russia.
“If you defend it, you support it,” Aushev said. “This needs to be stopped.”
Now, hacktivists aren’t waiting for tech firms to act.
Software developers behind disBalancer, an anti-fraud service for business clients, are offering free technology to enable attacks against Russian propaganda services.
Roughly 6 000 users have enlisted the tool in a span of four days, the company said. “Therefore, we hope as many people as possible use the application to increase the bandwidth volume used to perform DDoS attacks on the Kremlin’s target efficiently.” — Jeff Stone and Ryan Gallagher, (c) 2022 Bloomberg LP