CloudFlare criticised as Anonymous wages DDoS war on ISIS
CloudFlare criticised as Anonymous wages DDoS war on ISIS

Anonymous division, GhostSec, has recently been monitoring ISIS' online and social communications as part of the Op Isis (#OpISIS) campaign with one team member telling that it plans to attack hundreds of ISIS websites in the coming days.

He/she said that the group has tired of CloudFlare's ‘blatant protection' of terrorist sites, publishing a list revealing how the CDN and DNS provider was being used by numerous ISIS websites.

“It will be a huge campaign where we will take down the ISIS sites they [are] protecting,” said the member. “All of GhostSec is dedicated to this, [its] gonna be huge.”

“Take a look at the content, [it's] vile. If Facebook and Twitter can remove ISIS content when reported why should CloudFlare not?”

In conversation, the team member said that Anonymous had scoped over 140 sites by Wednesday, but believes that there are around 460 in total online. Most of these are used for recruitment although ISIS is also increasingly active on social media - Europol director Rob Wainwrights recently claimed that there are 50,000 Isis Twitter accounts, sending out up to 100,000 Twitter messages each day.

The Anonymous spokesperson was reluctant to go into detail on the nature of the attack, only to say that it would largely be using DDoS attack “using a routing vulnerability to find the hosts so we can attack them.”

The list of targets provided to SC shows that sites were hosted in the US and UK, with around half of all sites (the spokesperson said between 40 to 60 percent) protected by CloudFlare, the free used for performance and security.

UK hosts included Webhosting UK Ltd, Digital Ocean, Heart Internet Ltd UK and Cageprisoners Ltd, while Turkey accounted for 10 percent of sites.

Matthew Prince, CEO of CloudFlare, said on a call with SC that CloudFlare doesn't directly host sites or their content and stressed that removing its service from these sites would only makes sites slower and more vulnerable to attack.

He said that hacktivist demands to terminate their services was “kind of a strange request” when the firm believes in the due process of going down proper law enforcement channels rather than listening to the ‘mob rule'.

He also added that there was some irony, given that Anonymous has ‘on and off' used the CloudFlare network since it launched in 2010.

“Should Google be forced to remove these sites from their search results?” He added, if they were, the internet would “not be a version of the internet you'd want to live with.”