Does CloudFlare turn a blind eye to terrorism?

By James Cook on August 12th, 2013

The website Kavkaz Center belongs to a terrorist organisation associated with al-Qaeda. According to the United Nations Security Council, the group behind the site is comprised of hundreds of militants who plan and carry out terrorist attacks such as the 2011 Domodedovo Airport bombing. The terrorist group uses its website to claim responsibility for terrorist attacks and spread its violent messages. The site is kept online by the American web security company CloudFlare.

In the wake of the Boston marathon bombing, the US media investigated Chechen mujahideen sites, the most high-profile of which is the Kavkaz Center. The site is the official news source for “the Caucasian Emirate”, a militant group seeking to establish an Islamic state in the Caucasus. They use the Kavkaz Center website to claim responsibility for terrorist attacks, often sharing explicit and bloody images of their violent actions.

An image posted on the Kavkaz Center claiming to originate from an attack carried out by Chechen Mujahideen.

An image posted on the Kavkaz Center claiming to originate from an attack carried out by Chechen Mujahideen.

As soon as the names of the Boston bombing suspects were published, journalists rushed to find their online identities. One of the first pages to be highlighted by the media was a YouTube account reportedly belonging to Tamerlan Tsarnaev. In a playlist called “Favourite videos” was one uploaded by the Kavkaz Centre.

The YouTube account that uploaded that video has now been closed, but news reports published at the time verify the claim that content from The Kavkaz Centre may have influenced the elder Tsarnaev brother. The Guardian reported that Tsarnaev traveled to the region that the terrorist group behind the site operates in shortly before adding their promotional videos to his YouTube playlist.

The Kavkaz Center site uses CloudFlare technology to protect against the frequent DDoS attacks it receives. CloudFlare’s website boasts of “ridiculously easy security”. When online activists attempt to take the site offline by routing masses of traffic to Kavkaz’s servers, visitors to the site are met with this message:

This page ( is currently offline. However, because the site uses CloudFlare’s Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by CloudFlare

The Kernel reached out to CloudFlare’s press team for comment, and our questions were published in a blog post by CloudFlare chief executive Matthew Prince, titled “CloudFlare and Free Speech”. When asked whether he was aware that the US Government considered the website dangerous, Prince wrote that “the US Government is not in the business of labeling websites as dangerous”.

While it may be true that there is no official listing of dangerous websites published by the US Government, we do know that US intelligence agencies attack dangerous websites connected to al-Qaeda to thwart the efforts of terrorist groups. These attacks are ongoing, contradicting Prince’s view that “a website … is nothing but speech”.

While many terrorist websites do contain plenty of speech, as the Kavkaz Center does, the US Government proactively attacks sites that present a danger to US citizens. For someone who boasts on his LinkedIn profile that he has done “substantial work with government and law enforcement officials in the United States”, Prince seems unaware that the US security forces consider the websites of dangerous terrorists to be a very real security threat.

And it’s not just the US Government interested in taking terrorist sites off the internet. Multiple legal efforts have been carried out by the Russian, Lithuanian and Finnish Governments to take down. Russia’s ministry of foreign affairs has sent notes to 11 of the countries where the Kavkaz Center is hosted. The site posts extremist and terrorist material, but thanks to CloudFlare’s trademarked Always Online technology, it’s able to resist regular internet attacks and continue to spread the news of the latest terror attacks by the Chechen mujahideen.

According to Matthew Prince, revoking CloudFlare’s services to the Kavkaz Center would only make the site “a bit slower”. That’s likely not true. Multiple and regular efforts are taken by groups around the world to take the site down with DDoS attacks, and CloudFlare technology is one of the only reasons the objectionable content remains online.

In the CloudFlare response post to The Kernel’s inquiries, Prince made a series of nonsensical analogies in an attempt to make his company’s support for a terrorist group’s website seem almost normal.

One comparison made by Prince is that Google caches pages, as does CloudFlare. He considers this justification for not installing safeguards on the content they host (even temporarily). But Google is not paid by any terrorist groups, while it is likely that CloudFlare is.

When The Kernel asked Prince whether the Kavkaz Center is a paying customer of CloudFlare, he declined to answer. According to Prince, CloudFlare offers “some level” of DDoS protection on their free plan. It is unknown whether the free tier would resist the large and regular attacks that the Kavkaz Center comes under.

Perhaps  Prince would withdraw his company’s services if he knew what the Kavkaz Center actually is. In a tweet posted the same night as the CloudFlare blog post referenced above was published, he refers to the Kavkaz Center site as merely “a site that advocates for Chechen independence”. Well, yes. The site belongs to a terrorist group who reportedly kill people as a way to advocate for Chechen independence.

When we asked whether CloudFlare is aware of the content spread through the Kavkaz Center, Prince suggested that “it would be creepy” to monitor traffic through its servers. However, in emails sent to The Kernel prior to the publication of this piece, Prince quoted from a near-final version of this article that resided behind a CSS curtain. (Obviously his squeamishness about poking his nose where he shouldn’t doesn’t apply to journalism about CloudFlare.)

For those keen to understand the technical details here, it’s important to note how CloudFlare stores and serves the cached versions of sites. They cache items like images, video and CSS in local data centres owned by CloudFlare. The company is using regional servers to host their cached versions of sites, meaning that potentially unlawful propaganda material from a terrorist group is being hosted on servers around the world.

DDoS attacks are a frequent event for the Kavkaz Center, and thus the servers owned by CloudFlare play an important role in sharing content by the terrorist group. For example,  in the aftermath of the  2011 Domodedovo Airport bombing, the Kavkaz Center was used by terrorist Doku Umarov to claim responsibility for the suicide blast that killed at least 37 people.

The servers, hosted in Finland and Sweden, are controlled by Mikael Storsjö, a dangerous man reportedly responsible for smuggling Chechen militants into Finland. He also happens to be vice president of the EFF (Electronic Frontier Finland). Aside from hosting the website of a dangerous terrorist organisation, he has also admitted to soliciting donations for the group.

The servers behind the Kavkaz Center belong to Storsjö. We can now see that the official website of a dangerous terrorist group whose leader has an international arrest warrant is hosted by a man who reportedly smuggles militants out of Chechnya. Yet CloudFlare maintains that investigating the content posted on the Kavkaz Center would be ‘creepy’, and thus they avoid doing so.

As Kernel editor Milo Yiannopoulos told PandoDaily Sunday night, as a CDN, an argument could be made that CloudFlare is itself republishing potentially illegal material and therefore directly assisting in the planning of attacks on US soil and the spread of radical Islamism. The company apparently sees no problem with this, resting on a “free speech” argument that not even the most hardline free speech campaigners would likely recognise.