US firm helps Hamas, Netanyahu keep hackers at bay

Both the terror group and the premier are customers of CloudFlare; even the IDF has used its DDOS protection

Image shows the location of CloudFlare's servers around the world (Photo credit: Screenshot)
Image shows the location of CloudFlare's servers around the world (Photo credit: Screenshot)

There isn’t much Prime Minister Benjamin Netanyahu and Hamas have in common — but one thing they do agree on is how to keep their websites safe from hackers. Both rely on a web service called CloudFlare, which helps customers avoid hacking and denial of service attacks.

CloudFlare enables users to mask their location and Internet connection service providers. As a result, would-be hackers don’t which server to attack, so they can’t try to pull a site down by hacking into it or attempting a denial of service attack.

Critics complain that CloudFlare provides protection equally to nations, legitimate concerns, criminals, and terrorists.

As Hamas fires hundreds of rockets at Israel, and the Israeli air force hits back at Gaza, hackers sympathetic to Hamas have over the past several days hacked into numerous Israeli websites, as is common during periods of increased tension. Several days ago, for example, anti-Israel hackers defaced one of the most popular Israeli Facebook pages, StatusHunter, replacing the content with a slideshow purporting to show how the IDF was making Gazans suffer.

A loosely organized group of anti-Israel hackers, said to be from Malaysia and Pakistan, set last Friday for a major denial of service (DDOS) attack on Israeli government servers, in the hope of overloading them with traffic in order to “freeze” their operations and force them off the Internet — but that effort failed. Friday came and went without incident.

Also, the usual crowd of relatively unskilled wannabe hacker “script kiddies” have been attacking and defacing websites of Israeli businesses that are vulnerable to hacking, because they have not updated their security programs or are using old versions of server software. In any event, according to Middle Eastern cyber-security expert Dr. Tal Pavel, from a quality point of view, “the hacking of the past week is no different than what goes on every day, war or no war,” although there has been a significant increase in the number of hacking attacks on Israeli websites.

What’s going on now is similar to what transpired on the Internet during Operation Pillar of Defense in 2012, the last time Israel and Hamas fought.  It is also similar to the kinds of hack attacks Israel suffered last April during OpIsrael, an organized worldwide hacker campaign against Israeli sites.

There is one significant difference: Israelis are not hitting back. During the past upturns of hacking activity, Israeli hackers managed to compromise the cyber-security of the anti-Israel groups. This time there is little or no activity by Israeli hacker groups that have been up in the past. Many of the Facebook pages and Twitter feeds of these groups have been dormant since April, when OpIsrael concluded without incident.

And unlike in the past, the websites associated with Hamas, including its newly opened Hebrew update site, are operating without interruption. Hamas hired CloudFlare, a US company, to handle its online stability. CloudFlare does not host sites for Hamas or anyone else, a company spokesperson said. Instead, it provides a reverse proxy address, which basically masks the IP address of the terror group’s site and presents it as being provided by CloudFlare.

Using the CloudFlare content distribution network (CDN), the site’s content is hosted “somewhere out there” on an unknown server that is not connected to CloudFlare — thus, hackers don’t know what server or ISP to hit, making defacing, hijacking or DDOS attacks impossible.

Prime Minister Benjamin Netanyahu uses the same service. Netanyahu’s personal web site, which reports the Israeli leader’s latest doings and contains full transcripts of his speeches translated into English, among other things, is also safe from the clutches of Internet pirates, thanks to CloudFlare.

Even the IDF itself made use of CloudFlare’s services during Operation Pillar of Defense, as anti-Israel hackers rocked the IDF’s servers with hack attacks. By moving its site onto a server with an “anonymous” web address, using the virtual one provided by CloudFlare, the army was able to hold back the cyber-attacks. Ironically, Hamas was using the same service then — putting CloudFlare in the odd position of providing services to both Israel and its arch-enemy.

CloudFlare doesn’t see a problem with playing both sides of the street. “Both sides have an absolute right to tell their story,” company CEO Matthew Prince told Reuters in a 2012 interview. “We’re not providing material support for anybody. We’re not sending money, or helping people arm themselves,” he said, noting that CloudFlare provides services for US government agencies, Anonymous hackers, Wall Street banks, the anti-bank Occupy movement, and many others.

In Israel, several hundred private companies are customers of the site, along with Netanyahu. While Prince sees CloudFlare’s all-are-welcome policy as a matter of free speech, not all agree with him. A service that hides the location of a server would appeal not only to legal businesses, but illegal ones as well. A comprehensive anti-CloudFlare site, called CloudFlare Watch, argues exactly that. The site is a project of Public Information Research, which was behind, among other things, the now-defunct Scroogle website, one of the first to complain about what PIR and others charge is the loss of Internet privacy at the hands of Google.

“All CloudFlare customers are publishers, and many use CloudFlare because it encourages them to hide their original IP address,” said Daniel Brandt, PIR founder and president, on the CrimeFlare site. “When they receive abuse complaints, CloudFlare resorts to diversions to pretend that they are acting responsibly — assuming that they respond at all. A refusal to embrace web accountability leads to cybercrime. That’s why we use the term ‘CrimeFlare’ to describe this company.”

A list of sites that use CloudFlare include sites with names like anonymouspakistan.com, blackhatmafia.com, downloadformovie.com, filmtorrent.org, mafiawarez.com, and other similarly “wholesome”-sounding domains. And, of course, the Hamas sites — which, according to US law, should be banned from being hosted by servers in the US, because Hamas is listed as a terror organization. According to the Patriot Act, it has been illegal for American companies since 1997 to “knowingly provide ‘material support or resources’”– including “any property, tangible or intangible, or service” — to a designated foreign terror organization.

In an e-mail, a CloudFlare representative said the company had nothing to do with the content of a website. “Since we’re not a host, terminating a customer would not remove content from the Internet,” so there’s no point complaining to CloudFlare. According to the company, it has never been asked by any US government agency to stop doing business with any of the nearly 1 million domains listed on its servers — quite an accomplishment, some would say, given the company CloudFlare keeps.

https://www.youtube.com/watch?v=Bv2t5NN9CoU

Most Popular
read more: