Russians Bypass Website Blocks To Access Western News Sources

Cloudflare sees signs that Russians are increasingly turning to Western news sources for accurate information about the situation in Ukraine.

A new blog post published today by Cloudflare presents statistical evidence that Russian internet users are adopting blocking circumvention tools quite aggressively to access UK, US and French news sites.

At the same time, the Russian government seems unwilling to isolate the country from the global internet, as many have suggested, and also unable to step up its resource access blockages due to quality issues.

However, Russia has blocked access to Western media and social sites to control the narrative regarding its invasion of Ukraine.

Turn to reliable sources of information

As the war in Ukraine continues and Russian media provide no evidence of success or even convincing justification for the so-called special military operation, many Russians are trying to circumvent blockages to find out more from Western media.

In March, the most downloaded mobile apps in Russia were various VPN tools, Telegram, and Cloudflare’s “WARP/1.1.1.1,” a privacy-focused recursive DNS resolver that can route user requests through one of the company.

WARP prevents DNS queries from being monitored by Internet Service Providers (ISPs), protects against DNS poisoning, and offers smart features like malware filtering.

Analyzing WARP usage statistics, Cloudflare saw an increase in Russian-based usage, starting in early March. Most of the DNS searches coming from this market concern major French, British and American newspapers.

Russian DNS lookups for US media
Russian DNS lookups for US media
Source: Cloud Flare

“The picture is clear from these (three) charts. Russians want access to non-Russian news sources, and given the popularity of private internet access tools and VPNs, they are willing to work for it. ‘get,'” explains Cloudflare in a blog post on new research.

DDoS attacks from Russia

Cloudflare also reports a spike in DDoS activity, peaking around the second week of March, originating from inside Russia.

DDoS activity detected and mitigated by Cloudflare
DDoS activity detected and mitigated by Cloudflare

According to the blog post, these attacks targeted sites outside of Russia but were mitigated at the source, which is easier and more effective.

However, the internet giant clarifies that origin does not necessarily mean attribution, especially when attacks come from DDoS botnets relying on compromised IoT devices.

Cloudflare’s rationale

A month ago, Cloudflare announced special data protection measures in response to the war, including wiping out servers based in Russia, Ukraine, and Belarus in the event of a power outage or significant connection disruption. Internet.

Simultaneously, the company announced its decision not to leave the Russian market as this would harm freedom and make it much more difficult to access truthful and reliable information from inside the country.

Cloudflare’s latest DNS stats back up its stance, which drew criticism at the time, as supporting Russians helped raise awareness of what’s happening in Ukraine.

Sherry J. Basler