Cloudflare Rebuffs Ukraine Requests to Stop Working With Russia

09 Mar 2022, 10:01 AM IST

(Bloomberg) --

Cloudflare Inc. said Monday it won’t stop providing services to Russian organizations, rebuffing calls from Ukrainian officials and activists who say the company is getting in the way of cyberattacks meant to protest Russia’s invasion.

Cloudflare sells software that stops distributed denial-of-service, or DDoS, attacks, a basic form of malicious cyber activity that attackers use to overwhelm websites with traffic. U.S. officials said last month that Russian-sponsored attackers used DDoS attacks to render Ukrainian government and bank websites inaccessible, complicating Ukrainians’ ability to access basic civic and financial information.

Ukrainian technology executives are now calling on U.S. providers to stop protecting Russian organizations from the same attacks.

“DDoS protection should not be given to Russia in any way, shape or form,” Andrii Bezverkhyi, chief executive officer of the security firm SOC Prime Inc., told Bloomberg News.

Matthew Prince, Cloudflare’s CEO, wrote in a blog post that the company will continue providing services that help Russian sites remain online, while making adjustments to adhere to U.S. sanctions. Russian citizens need “more internet access, not less,” Prince wrote.

A Bloomberg News analysis determined that a range of Russian websites rely on Cloudflare services in various capacities. The pro-Kremlin news website Pravda.ru, which on Feb. 28 published an editorial questioning the legitimacy of Ukraine’s borders, uses a Cloudflare proxy service that aims to mitigate attacks, according to a review of the domain lookup sites Hosting Checker and Selesti.

Meanwhile, sites that spread disinformation about Russia’s invasion of Ukraine use Cloudflare’s content delivery network to quickly load internet pages, as well as Cloudflare DNS, which is marketed as a service that provides “advanced security with built-in DDoS mitigation” techniques.

They include news.ru, topwar.ru and donbasstragedy.info, which purports to be run by human rights advocates in eastern Ukraine, but was actually covertly created by a Russian intelligence agency and has spread false allegations about genocide committed by the Ukrainian military, the Washington Post reported.

Cloudflare didn’t respond to follow-up questions about its purported Russian clients. A search of the domain database Who.is indicated use of Cloudflare by news.ru and topwar.ru. Cloudflare also supports donbasstragedy.info, according to Hosting Checker and Selesti.

The company’s announcement comes amid growing pressure on U.S. technology companies to stop their work in Russia. Apple Inc., Microsoft Corp., Alphabet Inc.’s Google and Netflix Inc. are among the firms that have announced that they are curtailing business there.

On Feb. 28, Ukraine’s minister of digital transformation, Mykhailo Fedorov, asked Cloudflare to stop providing web resources to the Russian government, saying that would “help stop outrageous military aggression.”

Since then, others have pressured the company to do the same. Yegor Aushev, co-founder of Kyiv-based cybersecurity company Cyber Unit Technologies, is helping organize a makeshift Ukrainian coalition of hackers that has carried out cyberattacks targeting Russian government assets. He said in an interview he wants the U.S. to block American companies from providing such services to Russia.

“If you defend it, you support it,” Aushev said. “This needs to be stopped.”

Now, hacktivists aren’t waiting for tech firms to act.

Software developers behind disBalancer, an anti-fraud service for business clients, are offering free technology to enable attacks against Russian propaganda services.

Roughly 6,000 users have enlisted the tool in a span of four days, the company said in a Twitter direct message to Bloomberg News.

“Therefore, we hope as many people as possible use the application to increase the bandwidth volume used to perform DDoS attacks on the Kremlin’s target efficiently.”