Stop Russia’s DDoS Protection: SOC Prime Appeals to US Tech Leaders to Prevent Aggressors From Spreading Misinformation

Vlad Garaschenko
Latest posts by Vlad Garaschenko (see all)
WRITTEN BY
Vlad Garaschenko
[post-views]
March 04, 2022 · 4 min read

On February 24, 2022, Russia launched a full-scale invasion of Ukraine. Russia has called this a “Special Military Operation” for peacekeeping aimed at the “Liberation of Ukraine”. The facts illustrate something altogether different as destruction has been massive and civilian populations have suffered greatly. The war has cost the lives of 2,000 civilians, and the war refugee count is now over 1M. Russia continues to distort the truth, misleading its own citizens, and trying to misinform the world with fake news about the situation in Ukraine. 

The world has largely rallied to support Ukraine as nations implement the “Special Financial Operation” to withstand Russia’s aggression. Most notably, the White House has imposed sweeping sanctions on Russia’s largest financial organizations to cripple its economy. Many large companies have rallied in support of the sanctions by ceasing deliveries, suspending product sales, implementing enormous restrictions, or abandoning the Russian market. These are Apple, Google, AMD, Boeing, Cisco Systems, Dell, Dropbox, Ericsson, Exxon Mobile Corp., FedEx, HP, Intel, Nokia, and Walt Disney Company. Complying with the sanctions requires organizations to cease dealings with their Russian customers. This includes, but is not limited to:

  • No new sales transactions 
  • Suspension of support, subscription contracts, and professional services
  • Blocking delivery of product licenses with Russian customers

In addition, Mastercard Inc. and Visa Inc. have blocked many Russian activities from their payment networks. The list of US sanctions imposed on Russia is increasing, however, the aggressor continues its attack on the truth by spreading misinformation.

Unfortunately, some global tech leaders have failed to join their industry peers in adopting tough stances on Russia. It seems these few companies have prioritized revenue over values. As an example, Russia still uses the solutions provided by US industry-leading tech organizations, including AWS, Imperva, Akamai, Sucuri, and Cloudflare, that deliver DDoS protection services for Russian and Belarusian websites. Continuing to provide access to these defensive measures, these companies have tacitly chosen a side and should address their rationale for supporting Russia in the face of tight sanctions and strong signals from the majority of industry peers that have chosen to do the right thing. 

SOC Prime urges all US organizations to stop supporting the aggressor and protecting web assets that keep on spreading fake news, lies, and propaganda to their own citizens and the world that is forced to consume this misinformation. In war, there are no innocent bystanders. Sanctions, to be effective, must be consistent and applied broadly. Those vendors, continuing to protect Russian assets from DDoS attacks, should immediately cease this support or answer for their rationale. 

We appeal to fellow InfoSec practitioners and the whole cybersecurity community to sign the petition to prevent Russia from spreading lies:

Sign the petition to stop Russia’s DDoS protection 

SOC Prime users who support us in our appeal to suspend the defense of aggressors will receive free access to curated detections to combat Russian-backed cyber threats. Newcomers and current users can sign up or log in to the SOC Prime Platform to reach the dedicated detection content. Comprehensive volumes of threat hunting queries are readily available, enabling teams to hunt for threats in a matter of clicks with SOC Prime’s Quick Hunt module:

The full list of threat hunting content for Russian-backed cyber-attacks

We ask you to support us. Continued global collaboration and your contribution will ensure that only the truth is known.

The SOC Prime Platform is a global, collaborative platform used by nearly 7,000 organizations from across the world to supercharge SOC operations and combat threats of any scale. The SOC Prime Platform enables the world’s largest cybersecurity community to collaborate on advancing cyber defense and detecting existing, new, and emerging threats. Cybersecurity researchers and content authors are welcome to join the crowdsourcing initiative by submitting detection content and being compensated for their contribution. 

Was this article helpful?

Like and share it with your peers.
Join SOC Prime's Detection as Code platform to improve visibility into threats most relevant to your business. To help you get started and drive immediate value, book a meeting now with SOC Prime experts.
Join for Free Book a Meeting

Related Posts

UAC-0133 (Sandworm) Reemerges
Blog, Latest Threats — 5 min read
UAC-0133 (Sandworm) Attack Detection: russia-Linked Hackers Aim to Cripple the Information and Communication Systems of 20 Critical Infrastructure Organizations Across Ukraine
Veronika Telychko
UAC-0149
Blog, Latest Threats — 3 min read
UAC-0149 Attacks Ukrainian Defense Forces Using Signal, CVE-2023-38831 Exploits, and COOKBOX Malware
Daryna Olyniychuk
Akira Ransomware Detection
Blog, Latest Threats — 4 min read
Akira Ransomware Detection: Joint Cybersecurity Advisory (CSA) AA24-109A Highlights Attacks Targeting Businesses and Critical Infrastructure in North America, Europe, and Australia
Veronika Telychko