Source: National Cyber Security – Produced By Gregory Evans
San Francisco cybersecurity firm Cloudflare’s services protected three child-sex-abuse websites for years, according to a new report.
The company, which sells website performance, reliability and security services, shielded the three sites from identification despite being notified by the National Center for Missing and Exploited Children about abuse imagery on the sites, according to the report Monday in the New York Times. The sites have since shut down.
Cloudflare lawyer Doug Kramer told this news organization on Monday that since the company’s founding, it has taken online sexual exploitation seriously and has “worked hard to understand our role and what we could do to help, despite the fact that we don’t host content and aren’t in a position to remove content from the internet.” Cloudflare works with a number of international groups to support their investigations by providing information about Cloudflare customers, Kramer said.
One of Cloudflare’s most-popular services hides clients’ internet addresses, “making it difficult to identify the companies hosting them,” according to the Times. “The protections are valuable to many legitimate companies but can also be a boon to bad actors.”
An executive at the National Center for Missing and Exploited Children told the Times that starting in 2014 the center sent Cloudflare notices about the three sites, including thousands of notices last year, the report said.
A Canadian non-profit fighting child sex abuse that also investigated the sites provided records showing that since early 2017, more than 130,000 child-sexual-abuse reports were made about 1,800 sites Cloudflare protected, the Times reported. As of this month, the company was offering services to 450 sites that had been reported to the Canadian group, according to the Times, which cited the group’s records.
Kramer told the Bay Area News Group in an emailed message that Cloudflare’s cybersecurity services can protect a server from attacks, but that protection can make it hard for investigators to find and remove illegal content.
“We have worked to get rid of any barrier caused by our services for investigators and have included more than 60 entities … in our ‘trusted reporter’ program to expedite information to them,” Kramer said. The company announced last month that it would develop a tool to allow investigators to get information “instantaneously,” Kramer said.
Cloudflare also has taken steps to cut services to a website when it becomes clear the site is dedicated to sharing child-sexual-abuse material or if the site operators don’t take appropriate measures to take down such content, he said. He did not specify which sites had services cut or when any actions were taken.
The moderator of the three sites last month posted a message titled, “R.I.P,” according to the Times, which credited the Canadian Center for Child Protection with forcing the sites’ closure.
Source link
The post #nationalcybersecuritymonth | S.F.’s Cloudflare accused of protecting sexual-abuse sites: report appeared first on National Cyber Security.