During the Holocaust, and in the events that led to it, the Nazis exterminated one third of the European Jewish population. Six million Jews, along with countless other members of minority and disability groups, were murdered because the Nazis believed they were inferior.
Cloudflare’s Project Galileo provides free protection to at-risk groups across the world including Holocaust educational and remembrance websites. During the past year alone, Cloudflare mitigated over a quarter of a million cyber threats launched against Holocaust-related websites.
Antisemitism and the Final Solution
In the Second World War and the years leading up to it, antisemitism served as the foundation of racist laws and fueled violent Pogroms against Jews. The tipping point was a night of violence known as the Kristallnacht (“Night of Broken Glass”). Jews and other minority groups were outlawed, dehumanized, persecuted and killed. Jewish businesses were boycotted, Jewish books burned and synagogues destroyed. Jews, Roma and other “enemies of the Reich” were forced into closed ghettos and concentration camps. Finally, as part of the Final Solution for the Jewish Question, Germany outlined a policy to deliberately and systematically exterminate the Jewish race in what came to be known as the Holocaust.
As part of the Final Solution, the Nazis deployed mobile killing units. Jews were taken to forests near their villages, forced to dig mass graves, undress, and then shot — falling into the mass graves they dug. This was the first step. However, this was “inefficient”. More “efficient” solutions were engineered using deadly gas. Eventually, six main extermination camps were established. They were extremely “efficient” at exterminating humans. Initially, the Nazis experimented with gas vans for mass extermination. Later, they built and operated gas chambers which could kill more humans and do it faster. After being gassed, prisoners would load the bodies into ovens in crematoriums to be burned. In one of the larger death camps, Auschwitz-Birkenau, more than one million Jews were murdered — some 865,000 were gassed and burned on arrival.
It is through education that we will defeat bigotry and racism, and we will do our part at Cloudflare — through education and by supporting Holocaust educational organizations.
“Our response to ignorance must be education” – United Nations Secretary-General António Guterres
Supporting Holocaust educational organizations with Project Galileo
As part of Project Galileo, we currently provide free security and performance products to more than 1,500 organizations in 111 countries. These organizations are targeted by cyber attacks due to their critical work. These groups include human rights defenders, independent media and journalists, and organizations that work in strengthening democracy. Among them are organizations dedicated to educating about the horrors of the Holocaust, and preserving and telling the stories of the victims and survivors of the Holocaust to younger and future generations.
Cyber attacks on Holocaust-related websites
Over the past year, we’ve seen cyber attacks on Holocaust-related websites gradually increase throughout the year. These attacks include mostly application-layer attacks that were automatically detected and mitigated by Cloudflare’s Web Application Firewall and DDoS Protection systems.
In May 2021, cyber attacks on Holocaust-related websites peaked as they increased by 263% compared to their monthly average.
Applying to Project Galileo
Cloudflare’s mission is to help build a better Internet. Part of this mission includes protecting free expression online for vulnerable groups.
The Internet can be a powerful tool in this matter. However, organizations often face attacks from powerful and entrenched opponents, yet operate on limited budgets and lack the resources to secure themselves against malicious traffic intended to silence them. If they are silenced, the Internet stops fulfilling its promise.
To combat the threats, Cloudflare’s Project Galileo provides robust security and performance products for at-risk public interest websites at no cost. Application to Project Galileo is open to any vulnerable public interest website. You can apply via our partners or apply directly to Project Galileo if you don’t have any affiliation with our trusted partners.
A note from Cloudflare’s Jewish employees
Many of us, like myself, are descendants of Holocaust survivors. My grandparents fled from Nazi-occupied Poland to survive. Sadly, my grandparents — as other elderly survivors, are no longer with us. Many of us have faced antisemitism in various forms. Together, we are part of Cloudflare’s Employee Resource Group for Cloudflare’s Jewish community: Judeoflare. We have a responsibility to make sure the world remembers and never forgets the atrocities of the Holocaust and what racism and antisemitism can lead to.
Cloudflare started Project Galileo in 2014 to provide a set of free security products to a range of groups on the Internet that are targeted by cyberattacks due to their critical work. These groups include human rights defenders, independent media and journalists, and organizations that work in strengthening democracy. Seven year later, Project Galileo currently protects more than 1,500 organizations in 111 countries.
A majority of the organizations protected under Project Galileo work in independent media and journalism, and are targeted both physically and online as a result of reporting critical events around the world. From July 2020 to March 2021, there were more than seven billion cyberattacks against Project Galileo journalism and media sites, equating to over 30 million attacks per day against this group. We reported many of these findings for the 7th anniversary of Project Galileo’s Radar Dashboard.
Global Cyber Alliance
We have reported on the cyber threats to independent journalists and media organizations in the past, with the goal of creating best practices on how to protect these groups online. As we shared these insights, we started to collaborate with organizations that provide support and resources to improve journalists’ cybersecurity capabilities and respond to threats. One of these organizations that we were excited to engage with was the Global Cyber Alliance.
The Global Cyber Alliance (GCA) is an international, cross-sector nonprofit dedicated to confronting systemic cyber risks and improving our connected world. GCA develops free, easy and accessible tools to a range of stakeholders on the Internet including small businesses, journalists and, election officials around the world. Each toolkit is curated with tools and guidance on managing passwords, encrypting your data, backing up data, secure email, and browsing, anti-virus, DNS Security and more.
“As journalism increasingly, if not exclusively, relies on connected resources to investigate and report news, these capabilities offer tremendous benefit, particularly as newsrooms face budget constraints. At the same time, connected resources if not secured properly can unknowingly risk journalists, their sources, and the developments they cover,” said Megan Stifel, Global Policy Officer and Capacity & Resilience Program Director at the Global Cyber Alliance. “Resources such as Project Galileo play an important role in helping journalists protect themselves and their work, enabling them to report the news on their terms. GCA is pleased to add this resource to our free Cybersecurity Toolkit for Journalists, which is one of three toolkits available through our Capacity & Resilience Program.”
Project Galileo and the GCA Cybersecurity Toolkit for Journalists
Cloudflare is thrilled to have Project Galileo included in the GCA Cybersecurity Toolkit for Journalists to provide the tools and resources for journalists in order to be safer online. The free tools in the toolkit include:
DNS Security with WARP: Cloudflare VPN (WARP) on devices, or their router, to Cloudflare’s DNS Resolver (1.1.1.2) With 1.1.1.2 it automatically blocks known malware before your browser has a chance to load it.
End-to-End Encryption with Cloudflare SSL: Trust is essential for journalists and their public facing websites as they are a source of truth to their audience. With Cloudflare SSL, they can ensure that information is private and secure for visitors who engage with these websites. SSL also stops certain kinds of cyberattacks as it authenticates web servers, which is important because attackers will often try to set up fake websites to trick users and steal data.
Cloudflare for Teams products Access & Gateway: To assist media organizations, Cloudflare for Team’s products Access & Gateway makes remote works safer for teams around the world with protecting internal applications and DNS filtering to ensure that journalists keep their sensitive information secure and do not fall victim to a cyberattack. Read more on how a local news outlet in New Jersey uses Gateway to filter and block malicious attacks and phishing attempts.
We are excited to be working with the Global Cyber Alliance and look forward to further collaboration on guidance, tools, and resources to improve security for individuals and organizations.
Every June, we celebrate the anniversary of Project Galileo. This year, we are proud to celebrate seven years of protecting the most vulnerable groups on the Internet from cyber attacks. June is a busy month for us at Cloudflare, with the anniversary of Project Galileo and Access Now’s RightsCon, one of the largest events on human rights in the digital age. As we collaborate with civil society on topics from technology, privacy, digital security and public policy, we learn how to better protect critical voices on the Internet but also how to use the Cloudflare network to make positive changes to the Internet ecosystem.
We started Project Galileo in 2014 with the idea that we need to protect voices that are targeted for working in sensitive areas. As such, we give these voices the resources to protect themselves online against powerful opponents. Whether their opponent’s aim is to intimidate, silence, or steal sensitive information, cyber attacks can cause significant damage to organizations that work in areas such as human rights, independent media, education, and social justice. As the world moves online — a factor accelerated by COVID-19 — access to powerful cybersecurity tools is critical for organizations around the world. Our goal at Cloudflare is to help build a better Internet. Part of that goal is helping those who are disproportionately targeted by cyber attacks due to their critical work. We do this by providing the tools they need to stay online to continue their mission in serving the public good.
For the 7th anniversary of Project Galileo, we want to provide a glimpse of what we work on every day when it comes to protecting vulnerable groups on the Internet. Below are some of these stories with information on threats against these groups, highlights from the past year as well as new tools organizations utilize to protect against cyber threats.
Highlights from the past year
In the past year, we have seen a 50% increase in organizations that receive protection under Project Galileo. There are now more than 1,500 in 111 countries.
We partner with 40 civil society organizations that review and approve websites for protection under Project Galileo.
There are 5x as many cyberattacks against all Project Galileo sites compared to our update last year, with 13 billion attacks between August 2020 and March 2021. This is an average of 53 million cyber attacks per day in the past eight months.
Project Galileo was recognized as a Spotlight Recipient by The Tech Spotlight at Harvard Kennedy School’s Belfer Center for its commitment to serve the public good in areas of digital technologies.
Project Galileo Radar dashboard
In September 2020, we launched Radar, a platform that provides insight into Internet trends to help anyone understand security, performance and usage of the Internet. For Project Galileo, we wanted to identify the types of attacks these groups face to better equip researchers, civil society and organizations that are targeted with best practices for safeguarding their website and internal data.
In the last year, as many organizations moved to online operations, this opened the floodgates to malicious cyber activity. To learn more about the cyber attacks those protected under the project suffer, visit our Project Galileo 7th Anniversary Radar Dashboard.
Project Galileo and Harvard Tech Spotlight
This year, we were thrilled for Project Galileo to be recognized as a Spotlight Recipient by The Tech Spotlight at Harvard Kennedy School’s Belfer Center. The Tech Spotlight recognizes projects and initiatives that demonstrate a commitment to public purpose in the areas of digital technologies. Nominations are evaluated based on their proven ability to reduce societal harms and protect public purpose values including privacy, safety and security, transparency and accountability, and inclusion. In the past year, we have seen how people interact and utilize the Internet, the increase in malicious cyber attacks as well as sophisticated attacks against social justice groups, and an increase in application to the project from COVID-19 relief efforts. This has shown us new ways in which Project Galileo can help during times of crisis for a wide range of groups on the Internet.
Protecting internal applications for community-building nonprofits with Cloudflare Access
In the past year, we learned how organizations had to quickly implement a work-from-home solution and many of the risks associated with this shift to remote working. Due to the increased need for secure remote access while also maintaining a strong security posture, we started offering Cloudflare Access under Project Galileo. At a high level, Access gives organizations the ability to secure internal applications — such as internal knowledge resources of help desk platforms. In the case of Project Galileo, when volunteers connect to these applications they must authenticate with their identity provider — such as Google or Okta. Then Cloudflare checks their login against rules the IT administrator has deployed and, if permitted, allow them to access the application. This provides a secure remote work environment by not allowing unauthorized access to sensitive internal applications.
Learn more about how Project Galileo participants, World University Service Canada and Unbound use Access to secure their remote workforce.
World University Service of Canada, Canada
World University Service of Canada is a Canadian non-profit organization that works in international development with a diverse network of students, volunteers, schools, governments, and businesses. “Through this program, we work with the Canadian post-secondary community to provide access to resettlement and higher education for young refugees. Since 1978, our network has resettled more than 2,000 refugee youth to Canada where they are able to build a better future for themselves and their families,” says Ken Fraser, the Deputy Director of IT and Digital Transformation at the organization. Ken wears many hats at WUSC with a team of five providing IT services and support for staff around the world.
“A big challenge we had previously was that our security tools only protected internally hosted applications. For any sites we hosted with an external provider there were no monitoring or security tools available, aside from whatever the service provided,” says Ken. “This has all changed now with Cloudflare. Any site that we proxy through the Cloudflare network has the same reporting, performance and security features such as the web application firewall available whether internally or externally hosted.”
For internal applications, WUSC uses Cloudflare Access to keep their team in Canada and abroad secure when accessing the organization’s internal applications. Ken explains, “Cloudflare Access has been an integral part of securing our sites, and even more so now that we’re all working from home. For example, all of our sites using WordPress are protected with a Cloudflare Access policy in order to prevent anyone on the Internet from getting to the login page, and only specific email addresses added to the policy can get through. It was very simple to set up within Cloudflare and had an immediate benefit to the security posture of our sites.”With Access, Ken and the team can monitor and enforce rules to ensure that unauthorized attempts to access their WordPress login pages stop at Cloudflare’s network first.
Unbound is an international nonprofit based in Kansas City, with an ambitious goal of bringing people together to challenge poverty in new and innovative ways in 19 countries around the world. The organization differs from the typical child sponsorship charity, as they sponsor a range of people from children to elders — they are actually one of the few organizations that offers sponsorships to the elderly. “At Unbound, our mission is to walk with the poor and marginalized of the world, and we do that by providing personal attention and direct benefits to children, youth, elders and their families, so they may live with dignity, achieve their inherent potential and participate fully in society,”explains John Dougherty, the Director of Technology Services for Unbound.
The organization applied for Project Galileo as a way to increase their security posture and secure their public-facing website, as well as some custom-built web-facing applications used by staff spread across the 19 countries the organization operates in. “We first used Cloudflare Access to protect the admin side of the website for many of our staff members”,saysDougherty. In March 2020, due to the spread of COVID-19, Dougherty and the IT team had one week to implement a secure work-from-home solution for their staff.“We needed a way for our staff to access the organization’s internal ticketing system, help desk, and knowledge base in a simple and reliable manner. Now, more than 150 users can easily access the services they need to continue to provide support to those in need.”
With Project Galileo, the organization has the ability to focus on their mission of helping others while not having to worry about data breaches or being taken offline. Dougherty explains, “Project Galileo has given us the ability to leverage technology to help us operate in a lean and efficient way. Anytime Unbound receives these types of services to secure our website and not have to worry as much about being taken offline due to a cyber attack or have sensitive information compromised, we can spend more time and money on providing direct support to families living in extreme poverty.”
Protecting journalists & LGBTQ+ organizations from malware and phishing attacks with Cloudflare Gateway
Beyond organizations using Cloudflare Access to protect access to their internal applications, we also had organizations reaching out and asking about the best way to protect their internal data due to a surge in malware and cyber attacks. We started to offer Cloudflare Gateway under Project Galileo as organizations shifted from office settings to home offices. Gateway uses DNS filtering to block malicious content, ransomware, and phishing before your browser has a chance to load it. It acts as a filter, and automatically blocks unsafe content from web traffic to stop cyber threats and data breaches. As many of these attacks are sophisticated and personalized to organizations, these attacks target human rights groups, journalists and civil society around the world every day. Gateway is a tool that can easily block these threats so workers do not accidentally click malicious links.
Learn about how a local journalism group in New Jersey and LGBT+ helpline in the UK uses Gateway to protect against these threats.
New Brunswick Today, United States
New Brunswick Today has been serving the city of New Brunswick, NJ (home to Rutgers University) since 2011. The paper covers community matters, corruption, culture, real estate development and more. Recently, the paper has been focused on the spike in gun violence since the COVID-19 pandemic. Justin Freid, head of digital strategy at New Brunswick Today, turned to Cloudflare to help mitigate repeated attacks on the site that started in late 2015. He is familiar with journalists being threatened and harassed due to the sensitive nature of their work. “Our journalists have been targeted with physical and online threats, so we have to be diligent and aware of the security tools and precautions we use,” says Freid.
New Brunswick Today appeared on an episode of Full Frontal with Samantha Bee focused on saving local news, highlighting the importance of local journalism and its role in the community after one of NBT’s stories caught nationwide attention for its coverage of public corruption at the city water utility.
During COVID-19, the organization started to use Cloudflare Gateway to filter and block malicious attacks and phishing attempts. They route their traffic through Gateway, with policies maintained and enforced via Cloudflare’s dashboard specifically for their editors’ devices. “We use Gateway on our editors so that we can browse more confidently. As a local newspaper, we receive source material and are worried it may contain malware looking to thwart our systems and possibly steal sensitive information about pieces that are being written by the paper,”says Fried. “The idea that Cloudflare is able to filter malware before it reaches our device, increases confidence for our journalists that they need when they write, investigate and publish stories to keep citizens of New Brunswick informed on local issues.”
Switchboard is one of the oldest telephone helplines in the United Kingdom founded back in 1974 to provide support and information to people of all kinds but especially those who identify as LGBT+. Fast-forward to 2021 and the organization is in high gear, with an average of 1,500 unique service users a month connecting with volunteers who are available seven days a week.
“Our goal at Switchboard is to provide a safe judgement free-space for those who need support. We have people that call in to talk about things such as seeking help in navigating their gender identity, looking for resources on mental health in the UK, or to discuss issues in their community when it comes to LGBT+ rights,” explains Pete Hannam. Switchboard is a volunteer-led charity so Hannam holds many responsibilities from answering phone calls and providing support to callers, to developing and securing the organization’s online platform.
Switchboard started as a phone helpline but with the growth of emerging technologies and new forms of communications over the years, they adapted by adding new channels such as email and real-time chat. Technology also helped the organization respond to COVID-19 quickly, and they transitioned their platform to be fully online quickly to handle the many calls, emails and chats that volunteers at Switchboard received related to the uncertainty of the pandemic on careers and social disengagement with people around the world. Hannam estimates the organization saw an increase in communication via email and chat grow from 30% to 55%.
Switchboard joined Project Galileo in May 2019 primarily to have more visibility into HTTP traffic including threats that targeted their site. “We had very basic web services with no idea what type of traffic or access people may have had to our backend systems. Unfortunately, our site was hacked because of a vulnerability in a WordPress plugin. We had no visibility into our traffic or threats before Cloudflare and due to this didn’t realise that our site had been compromised,” explains Hannam. “As an organization that provides a platform for those sharing sensitive information about things such as gender identity or abuse they suffered, trust is essential for us and presenting an insecure platform is a huge breach of respect and professionalism.” The organization was accepted to Project Galileo and immediately enabled Cloudflare SSL certificates to encrypt, authenticate and provide a sense of trust to users that use the organization’s support services. From there, they used the web application firewall to automatically block hackers’ attempts to exploit vulnerabilities in their website’s PHP code.
In the past year, Switchboard implemented Cloudflare Gateway. As the organization looks toward the future, which includes returning to the office in some form, they were looking for a solution to automatically block viruses and phishing attempts that spread over the Internet through malicious web pages. Gateway helps as a first layer of defence against most security threats and prevents the organization’s network and devices from getting infected by malicious software that their volunteers may accidentally download. Hannam explains, “We have the exact same issues as large companies, possibly even more targeted due to the sensitivity of our work, with significantly fewer resources. So it is important for organizations such as ours to have the opportunity to use advanced security tools, and Cloudflare’s Project Galileo allows us access to these tools to keep our site reliable, secure and trustworthy.”
As world events shape the ways in which organizations maintain their online platforms and workforce, Project Galileo has adapted to these situations. We look forward to continuously working with our civil society partners on the best way to support organizations and provide products that help them stay online, secure their internal teams, and focus on their mission of helping the greater good.
The collective thoughts of the interwebz
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
