Home Web system Cloudflare not pulling out of Russia completely, company says, as tech companies forced to step in

Cloudflare not pulling out of Russia completely, company says, as tech companies forced to step in


Written by AJ Vicens

Cloudflare, a major web infrastructure company that keeps websites online by protecting them from distributed denial-of-service attacks, said on Monday it would continue to provide certain services in Russia despite several calls to pull out, saying that “Russia needs more internet access, not less.”

The statement is just the latest example of internet infrastructure companies having to explain how they approach business in Russia as that country’s government continues its brutal assault on Ukraine and the Ukrainian government seeks to isolate Russia. of the Internet by publicly denouncing the main technologies. and web companies with business interests there.

In a statement, Cloudflare CEO Matthew Prince said the company has seen a “dramatic increase in requests from Russian networks to media around the world, reflecting the desire of ordinary Russian citizens to see news from the world beyond from those supplied in Russia”.

The statement details the various measures the company has taken to help Ukraine, such as free Distributed Denial of Service (DDoS) protection for certain organizations there, and says it continues to monitor and update. update its business practices in accordance with sanctions over time. But cutting its services in Russia “wouldn’t do much to the Russian government” and “rather limit access to information outside the country”, and would be “celebrating[d]by the Russian government, Prince argued.

DDoS attacks make websites, web services, or networks inaccessible, usually by flooding them with bogus traffic. They are relatively basic in terms of disruptive activity and do not require high level skill or sophistication to be successful.

Another major DDoS attack mitigation company, Akamai, said in a statement on Monday that it would also “maintain our network presence in Russia” but would suspend all sales efforts in Russia and Belarus, would end business with majority state-owned Russian and Belarusian customers, and provide continued support for humanitarian needs in Ukraine through its foundation.

The statement noted, twice, that Akamai “stands with the people of Ukraine” and said its ongoing work in Russia “supports our global customers…as they strive to deliver vital information and accurate to all corners of the world, including to the citizens of Russia.

The Ukrainian government and others have increasingly called on these companies to pull out of Russia and limit Russian entities’ access to the internet, while the Russian government has restricted access within its borders to Facebook and Twitter, and worked to stifle any independent information about his war. Hacktivists attacking Russia targeted several Russian sites with apparent DDoS attacks – sometimes with the encouragement of the Ukrainian government – ​​while the Ukrainian government and organizations faced repeated DDoS disruptions in the weeks and days leading up to the invasion , as well as more destructive attacks. cyber attacks.

“Cloudflare should not protect Russian web resources while their tanks and missiles attack our kindergartens,” said Mykhailo Fedorov, Ukraine’s Minister of Digital Transformation. tweeted on February 28.

Cogent, a major US company and one of the world’s largest internet network operators, announced on Friday that it would cut off its Russian customers beginning March 4.

The effect of the Cogent decision would not eject Russia from the internet, but “as Russia becomes increasingly disconnected from the financial system, Russian communications companies may find it difficult to pay foreign transit providers for the service,” wrote Doug Madory, the Internet Analytics Directory. for netflow company Kentik, adding that the decision was “unprecedented in internet history”.

Also on Friday, cybersecurity firm SOC Prime issued a statement and launched an online petition calling on Cloudflare, Akamai, Amazon Web Services, Imperva, and Sucuri to cease DDoS services in Russia.

“By continuing to provide access to these defensive measures, these companies have tacitly chosen a side and should explain their rationale for supporting Russia in the face of severe sanctions and strong signals from the majority of industry peers who have chosen to make the good thing,” the company, based in the United States but with Ukrainian roots, said in its statement.

Amazon Web Services said on Friday it had no data centers, infrastructure or offices in Russia, and said it had “a long-standing policy not to do business with the Russian government.” .

Its customers using AWS in Russia “are companies headquartered outside the country that have development teams there,” the company said in a statement, adding that if a customer “uses AWS services to threaten , incite, promote or actively encourage violence, terrorism or other serious harm to others, they will not be permitted to use our services.”

Imperva has “made the decision to suspend all new sales and operations in Russia and Belarus,” the company said in a statement released Monday afternoon, and “notified existing customers and deactivated our point of presence in Moscow.” . The company added that it was “heartbroken by the escalation of events in Ukraine”.

Sucuri did not respond to a request for comment.

Also on Monday, Cloudflare, CrowdStrike and Ping Identity announced that they are offering free cyber protections to US hospitals and water and electric utilities in light of the increased risk since the Russian invasion of Ukraine.

After seeing the companies’ statements on Monday, Andrii Bezverkhyi, co-founder and CEO of SOC Prime, told CyberScoop that the companies “continue to actively defend Russian government affiliates through their DDoS services even after publishing their ambiguous statements.” .

Bezverkhyi, a member of the Ukrainian Incident Response Team that unpacked Russia NotPetya’s attack on Ukraine, added that “vendors that continue to protect Russian assets from DDoS attacks should immediately cease this support or respond of their justification”.

Updated on 07/03/22: Include Bezverkhyi’s statement.