SBU checks data leakage from Cloudflare - no threat to state resources
The SBU cyber inspection checked the probability of risks to the work of e-resources of public authorities and critical infrastructure facilities as a result of the leakage from Cloudfare Inc. client base.
The inspection found that there was no threat to the state resources.
In particular, it was found that IPs, that appeared in the Internet are a generalized base of public data. That means, public domain names with IP addresses are available in the network through standard DNS queries. In total 2.6 million of such records were made public.
Thus, the disclosure of public data doesn't pose additional risks to the work of state resources served by Cloudflare, including Ukrainian public authorities and critical infrastructure facilities.
SBU Situational Centre for Cybersecurity and State Special Communication Service were involved in the inspection. For diagnostics, data was obtained directly from Cloudflare Inc.
The leakage of data from Cloudflare Inc service became known on July 26. Among the disclosed addresses, according to RNBO, were 45 records with “gov.ua” domain and more than 6.5 thousand with “ua” domain, including resources belonging to critical infrastructure.
It may be recalled that during the first half of 2020, the Security Service of Ukraine neutralized more than 300 cyber-attacks and cyber-incidents on critical infrastructure.