Two technology firms based out of San Francisco and Texas have been securing Pakistan-based terror outfit Jaish-e-Mohammad’s website while boosting its reach online, enabling easy access to its users.
CloudFlare works like a shield between the user and original host of the website and the internet. In this case, alqalamonline.com and rangonoor.com are the offending websites and they’re hosted by SiteGround, a web hosting company based out of Bulgaria. CloudFlare protects the sites from DDoS (Distributed Denial of Service) attacks and other such hacking attempts.
According to a detailed report by DNA, Jaish-e-Mohammad (JeM) has enrolled both the websites for protection against DDoS and other malicious, script-based attacks via CloudFlare since March 2014.
The report indicates that the websites in question are hosted on 126.96.36.199 and 188.8.131.52 IP addresses. Both these IP addresses are linked to CloudFlare, which is based-out of California. CloudFlare also caches the website so that it can load faster, as detailed by Mumbai-based cyber security researcher, Dinesh Bareja.
Vanessa Royale, a representative for CloudFlare told DNA that the company is not hosting the websites. She added that “IP addresses may appear in a DNS (Domain Name System) query since we are a reverse proxy.”
Royale refused to comment on CloudFlare’s customers or the company’s plans. She tried to slip the issue of CloudFlare protection by stating that CloudFlare is not responsible for hosting any terrorist websites and that terminating a customer will only result in a slower site that’s a little easier to hack.
Royale is essentially stating that CloudFlare is protecting the terrorist websites but that it isn’t hosting them so it isn’t such a big deal. It’s quite likely that CloudFlare isn’t even aware that the site it’s protecting is a terrorist website and it’s unlikely to deliberately provide safe harbour to terrorists. However, the company’s response is rather tame.
The report confirmed that both websites were running on 184.108.40.206, an IP address managed by SiteGround. The websites are managed by a web administrator called Muhammad Tariq Siddique from Karachi, reveals the report.
One thing to note is that American companies are barred from performing financial transactions with designated terror organisations and JeM has been denounced by the UN and the USA since 2001 for its activities. JeM is the same group responsible Parliament attack in 2001, Pathankot air force base attack and the Nagrota camp attack.
The terror outfit has also enrolled help from LimeStone Networks for hosting other domains like musalmanbachay.com, fathulijawaad.com and sadaemujahid.com, as part of its online propaganda in the form of videos of terrorists hailed as martyrs, quranic verses, poetry on war and propaganda articles.
These domains provide soft propaganda and introduce young children and teenagers to the thought-process of JeM ideology. Both these companies have been painted as favourites for the Islamic State, al-Qaeda, Hezbollah and other extremist groups.
Despite all this, law enforcement authorities in the United States have not taken any action against CloudFlare and Pakistani authorities only briefly shut down JeM’s online publications after the Pathankot attack.