• You didn't think it was going
    to be that easy, did you?
  • Orange before it was cool
  • All I'm offering
    is the truth
  • I need your clothes, your
    boots and your motorcycle
  • Suddenly it's not decades
    away - it's right now
  • “Life,” said Marvin dolefully, “loathe
    it or ignore it, you can’t like it.”
  • Madness, and then illumination
  • Resistance is futile
  • Let the Hunger Games begin
  • I am your father
  • Aren’t you a little short
    for a stormtrooper?
  • Into the garbage chute, flyboy!
  • I’ve got a very bad
    feeling about this
  • I find your lack of faith disturbing
  • Watch your future’s end
  • Clearly, fame isn’t everything,
    is it, Mr. Potter?
  • Ask why.
  • Fair and balanced
  • Here it is, your
    moment of Zen
  • Tell me what you don't
    like about yourself
  • You won't like us
    when we're angry
  • You're fired
  • Where's the beef?
  • More than just
    a princess
  • We've got to risk implosion
  • A fire-eater must eat fire
  • I want to see gamma rays!
  • Hey doll, is this guy
    boring you?
  • We need not to
    be let alone
  • Yada, yada, yada

Does CloudFlare turn a blind eye to terrorism?

The web security company CloudFlare keeps the official website of a terrorist organisation associated with al-Qaeda online, because its activities fall under the rubric of ‘free speech’, writes James Cook.

General Keith Alexander, director of the National Security Agency

General Keith Alexander, director of the National Security Agency

The website Kavkaz Center belongs to a terrorist organisation associated with al-Qaeda. According to the United Nations Security Council, the group behind the site is comprised of hundreds of militants who plan and carry out terrorist attacks such as the 2011 Domodedovo Airport bombing. The terrorist group uses its website to claim responsibility for terrorist attacks and spread its violent messages. The site is kept online by the American web security company CloudFlare.

In the wake of the Boston marathon bombing, the US media investigated Chechen mujahideen sites, the most high-profile of which is the Kavkaz Center. The site is the official news source for “the Caucasian Emirate”, a militant group seeking to establish an Islamic state in the Caucasus. They use the Kavkaz Center website to claim responsibility for terrorist attacks, often sharing explicit and bloody images of their violent actions.

An image posted on the Kavkaz Center claiming to originate from an attack carried out by Chechen Mujahideen.

An image posted on the Kavkaz Center claiming to originate from an attack carried out by Chechen Mujahideen.

As soon as the names of the Boston bombing suspects were published, journalists rushed to find their online identities. One of the first pages to be highlighted by the media was a YouTube account reportedly belonging to Tamerlan Tsarnaev. In a playlist called ”Favourite videos” was one uploaded by the Kavkaz Centre.

The YouTube account that uploaded that video has now been closed, but news reports published at the time verify the claim that content from The Kavkaz Centre may have influenced the elder Tsarnaev brother. The Guardian reported that Tsarnaev traveled to the region that the terrorist group behind the site operates in shortly before adding their promotional videos to his YouTube playlist.

The Kavkaz Center site uses CloudFlare technology to protect against the frequent DDoS attacks it receives. CloudFlare’s website boasts of “ridiculously easy security”. When online activists attempt to take the site offline by routing masses of traffic to Kavkaz’s servers, visitors to the site are met with this message:

This page (http://www.kavkazcenter.com/eng/) is currently offline. However, because the site uses CloudFlare’s Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by CloudFlare

The Kernel reached out to CloudFlare’s press team for comment, and our questions were published in a blog post by CloudFlare chief executive Matthew Prince, titled “CloudFlare and Free Speech”. When asked whether he was aware that the US Government considered the website dangerous, Prince wrote that “the US Government is not in the business of labeling websites as dangerous”.

While it may be true that there is no official listing of dangerous websites published by the US Government, we do know that US intelligence agencies attack dangerous websites connected to al-Qaeda to thwart the efforts of terrorist groups. These attacks are ongoing, contradicting Prince’s view that “a website … is nothing but speech”.

While many terrorist websites do contain plenty of speech, as the Kavkaz Center does, the US Government proactively attacks sites that present a danger to US citizens. For someone who boasts on his LinkedIn profile that he has done “substantial work with government and law enforcement officials in the United States”, Prince seems unaware that the US security forces consider the websites of dangerous terrorists to be a very real security threat.

And it’s not just the US Government interested in taking terrorist sites off the internet. Multiple legal efforts have been carried out by the Russian, Lithuanian and Finnish Governments to take www.kavkazcenter.com down. Russia’s ministry of foreign affairs has sent notes to 11 of the countries where the Kavkaz Center is hosted. The site posts extremist and terrorist material, but thanks to CloudFlare’s trademarked Always Online technology, it’s able to resist regular internet attacks and continue to spread the news of the latest terror attacks by the Chechen mujahideen.

According to Matthew Prince, revoking CloudFlare’s services to the Kavkaz Center would only make the site “a bit slower”. That’s likely not true. Multiple and regular efforts are taken by groups around the world to take the site down with DDoS attacks, and CloudFlare technology is one of the only reasons the objectionable content remains online.

In the CloudFlare response post to The Kernel’s inquiries, Prince made a series of nonsensical analogies in an attempt to make his company’s support for a terrorist group’s website seem almost normal.

One comparison made by Prince is that Google caches pages, as does CloudFlare. He considers this justification for not installing safeguards on the content they host (even temporarily). But Google is not paid by any terrorist groups, while it is likely that CloudFlare is.

When The Kernel asked Prince whether the Kavkaz Center is a paying customer of CloudFlare, he declined to answer. According to Prince, CloudFlare offers “some level” of DDoS protection on their free plan. It is unknown whether the free tier would resist the large and regular attacks that the Kavkaz Center comes under.

Perhaps  Prince would withdraw his company’s services if he knew what the Kavkaz Center actually is. In a tweet posted the same night as the CloudFlare blog post referenced above was published, he refers to the Kavkaz Center site as merely “a site that advocates for Chechen independence”. Well, yes. The site belongs to a terrorist group who reportedly kill people as a way to advocate for Chechen independence.

When we asked whether CloudFlare is aware of the content spread through the Kavkaz Center, Prince suggested that “it would be creepy” to monitor traffic through its servers. However, in emails sent to The Kernel prior to the publication of this piece, Prince quoted from a near-final version of this article that resided behind a CSS curtain. (Obviously his squeamishness about poking his nose where he shouldn’t doesn’t apply to journalism about CloudFlare.)

For those keen to understand the technical details here, it’s important to note how CloudFlare stores and serves the cached versions of sites. They cache items like images, video and CSS in local data centres owned by CloudFlare. The company is using regional servers to host their cached versions of sites, meaning that potentially unlawful propaganda material from a terrorist group is being hosted on servers around the world.

DDoS attacks are a frequent event for the Kavkaz Center, and thus the servers owned by CloudFlare play an important role in sharing content by the terrorist group. For example,  in the aftermath of the  2011 Domodedovo Airport bombing, the Kavkaz Center was used by terrorist Doku Umarov to claim responsibility for the suicide blast that killed at least 37 people.

The servers, hosted in Finland and Sweden, are controlled by Mikael Storsjö, a dangerous man reportedly responsible for smuggling Chechen militants into Finland. He also happens to be vice president of the EFF (Electronic Frontier Finland). Aside from hosting the website of a dangerous terrorist organisation, he has also admitted to soliciting donations for the group.

The servers behind the Kavkaz Center belong to Storsjö. We can now see that the official website of a dangerous terrorist group whose leader has an international arrest warrant is hosted by a man who reportedly smuggles militants out of Chechnya. Yet CloudFlare maintains that investigating the content posted on the Kavkaz Center would be ‘creepy’, and thus they avoid doing so.

As Kernel editor Milo Yiannopoulos told PandoDaily Sunday night, as a CDN, an argument could be made that CloudFlare is itself republishing potentially illegal material and therefore directly assisting in the planning of attacks on US soil and the spread of radical Islamism. The company apparently sees no problem with this, resting on a “free speech” argument that not even the most hardline free speech campaigners would likely recognise.


Subscribe to our mailing list

Stay informed. Join The Kernel by subscribing for free to our mailing list and receive exclusive content, offers and information relevant to you, direct to your inbox.

We collect email addresses solely for the purposes of keeping you up to date with our journalism, events, offers and other information we think you may be interested in. We never share your email address with anyone and we only use it to send you information about The Kernel that we believe you will enjoy.