Project Galileo Overview
Presented by: Jocelyn Woolbright
Originally aired on April 24, 2021 @ 11:30 AM - 12:00 PM EDT
Project Galileo is Cloudflare’s response to cyber attacks launched against important, yet vulnerable targets, like artistic groups, humanitarian organizations, and the voices of political dissent.
In this segment, you'll learn more about the program and the organizations being protected by Project Galileo.
English
Project Galileo
Transcript (Beta)
Hi, everybody. Welcome to Cloudflare TV. I'm super excited to be speaking with you all today on one of my favorite projects that I get to work on at Cloudflare, which is Project Galileo.
And this week, we're actually celebrating the sixth anniversary of the project.
And to start, my name is Jocelyn. I work on Cloudflare's public policy team on all of our social good projects, including Project Galileo, in which we provide free services to some of the most vulnerable entities on the Internet.
I also work on our election security projects, including the Athenian Project and Cloudflare 4 campaigns, in which we provide free services to state and local government election websites and also political campaigns.
Just a little background, I started at Cloudflare about a year ago.
And before that, I was working, I was interning at a think tank here in Washington, DC on cybersecurity policy.
And then I lived in Mozambique, working for a really small nonprofit in emergency medicine research.
So I think I have one of the best jobs at Cloudflare, if I would say that, because I get to work with a lot of really great organizations that are doing important work around the world in things like journalism, organizations, helping refugees, activist groups, working in climate change, and really helping a lot of these organizations stay online so that they can continue a lot of the great work that they're doing.
And I'm super excited to share some of the stories that I get the privilege of hearing every day.
So to give you an idea, Cloudflare every year, we celebrate the Project Galileo's anniversary.
And we're super excited to mark the sixth anniversary of the project in 2020.
And the anniversary is really good time for us to reflect, talk to participants, see how the project has grown and changed over the course of the previous year.
So this year is a lot different due to the spread of COVID-19. And really, the global response has shown us that new ways that Project Galileo can help.
So really, our goal for the sixth anniversary is to share updates and stories from the fields, from organizations that have stepped up in this time of uncertainty.
So throughout the whole week, we're going to be talking with organizations under Project Galileo that work all around the world, including an organization providing reliable access to clean water and proper sanitation stations in sub-Saharan Africa.
And then we're also talking with an organization in the UK that provides emotional support to many suffering anxiety related to the COVID-19 pandemic and a lot of other really great organizations under Galileo and also talking with one of our partners, the Cutter Center on Friday, which is going to be super great.
But to kick off the week, I'm going to give an overview of why we started Project Galileo, updates for the sixth anniversary and some stories that we wanted to highlight.
So as many of you know, we have a large network at Cloudflare with more than 27 million domains that currently use our services.
Now, our network didn't always look like this.
In 2014, Cloudflare's free service didn't include DDoS mitigation.
So if a free customer came under attack, our operations team would generally stop proxying their traffic.
And the reason we did this was to protect our own network, which was much smaller than it was today.
And usually this wasn't a problem as most sites that got attacked at this at the time were companies or businesses that were able to pay for our services.
And every morning, our CEO, Matthew would receive a report of the sites that were kicked off of off of Cloudflare the night before.
And in February 2014, he was reading this report, and he discovered that in an independent newspaper in Ukraine was on the list of domains that had been kicked off of our network.
So if you're not familiar, February to March 2014 was the annexation of Crimea.
And this specific site was covering the ongoing invasion and providing many of the updates about what was going on on the ground in Ukraine.
So this attack was large enough that it triggered an alert in our networks operation center.
So a member of our systems reliability engineering team, who was on call and investigated and found the free customer was being pummeled by major traffic.
So he followed the book, which we have and triggered a FINT, which is stands for fail internal.
So directing traffic from the site directly back to the origin, rather than passing through Cloudflare's protective edge.
And again, the reason why this was done was to protect our own network and others that were using our service.
I'm happy to report that we don't have to do that today because our network is so large.
But during that time, the new the Ukrainian new site was overwhelmed by the attack and effectively fell off the Internet.
Now our engineer didn't do anything wrong. He followed the procedures that we established at the right times exactly.
And he was a really great computer scientist, but he was not a political scientist.
And he didn't recognize the site or understand the importance due to the situation at the time in Crimea, and why a newspaper covering this type of event might have a large scale attack.
Now our mission at Cloudflare has always been to help build a better Internet.
And on that day, we realized that we weren't living up to that mission.
So that's when we launched Project Galileo. So really, the promise of Galileo is simple.
Cloudflare will provide our full set of security services to any politically or artistically important organization at no cost to ensure that they have the tools to stay online.
As many of these organizations are really the target of sophisticated cyber attacks, but also to help them manage large influxes of traffic that they might be experiencing due to the critical work that they're doing.
We want to make sure that these groups working in these areas can stay online and not have to worry about being taken down by malicious attacks or large influxes in traffic.
So many people ask, how does an organization looking to be protected under Galileo, how do they get these services?
So at Cloudflare, we run infrastructure all around the world.
We have many offices in San Francisco, DC, Singapore, London, Germany, and many other places.
And that certainly gives us a viewpoint.
But it isn't a very global representative viewpoint.
And we're also a very technical company. If we surveyed all of our employees to determine which organizations are worthy organizations to protect, we would find a lot of great organizations close to home and close to our own interests, but we miss a lot of others.
And we also worried that it was dangerous for an infrastructure company like Cloudflare to start making decisions about what content was good.
Because doing so would inherently imply that we're also deciding what content was bad.
And while moderating content and curating communities is appropriate for some visible platforms, the deeper that you go into the Internet infrastructure, the less transparent, accountable, and consistent those decisions inherently become.
So rather than making the decisions ourselves of what was politically or artistically important, we turn to the experts.
So civil society organizations that do exactly that.
So we work with a variety of different types of non-governmental entities under Project Galileo, but we generally put them into two groups.
One of them is our participants. So those who are granted the benefits of Project Galileo and those who we partner with.
So we work with them to identify other organizations who might be worth supporting.
So our partners are typically larger and higher profile NGOs who work with entities who might benefit from our services and really help us to determine who to support.
So for Project Galileo, we currently partner with 37 civil society organizations.
And they're the ones that make the decisions on what groups and organizations should receive our free services.
So our partners play the largest role in reviewing organizations that are looking for protection under Project Galileo and essentially vouching that an organization looking for protection is working in the public good and is really worth protecting.
We agree that if any of our partners said that a nonprofit or a small commercial entity that applied for protection was politically or artistically important, then we would extend our security services to protect them, no matter what.
So to give you an idea of some of our partners and what fields they work in and why they're also great organizations to partner with under Galileo, one of them is the Center for Democracy and Technology, which is an organization that really champions global online civil liberties and works to make the Internet, keep the Internet open, innovative, and free.
And really one of the core aspects of CDT is working to increase access to information and resisting government and private efforts to censor content, which is really one of the reasons why they're such a great partner in helping identify other organizations that are looking for protection under the project.
And then we also have another organization, PEN America, who recently joined in 2020 and they're actually a literary nonprofit that compromised of writers, journalists, editors, translators, all around the world with really the mission of celebrating writing and defending human rights.
So nearly a quarter, about 23%, of the organizations participating in project are related to journalism and independent media.
So national and local media sites have really been crucial providing authoritative information during COVID-19 pandemic and really provide providing efficient updates on virus mitigation and things like community developments in specific areas.
So we're really happy to have PEN America join to help us identify some of these journalism sites that need protection.
And then a couple of our other partners. So CEMA, the Center for International Media Assistance at NED, the National Endowment of Democracy, is one of our newest partners.
And really their mission is the development of independent media worldwide.
And it's really based on free and independent media plays a huge part in developing sustainable democracies around the world.
And like I said, securing independent media and journalism sites from cyber attacks is crucial for organizations under Galileo, especially during this time.
And then also the International Republican Institute.
So they're a new partner on Galileo. They're a nonprofit, nonpartisan organization which encourages democracies and really shares best practices in places where democracy is flourishing.
And under Galileo, we protect many organizations that are working in advancing democracy, exposing government corruption, promoting free and fair voting practices.
So IRI has really been a great partner in this space where we see many organizations at a high risk of state-sponsored cyber attacks for the work they do.
So back to Galileo. So what kind of groups make up the project?
A year ago, we actually reported that we're protecting nearly 600 organizations and we partnered with 28 civil society organizations to really identify and provide services to these vulnerable entities on the Internet.
But a single year has brought us more than a 60% increase in the total number of participants in the project.
So we're currently protecting more than 1000 organizations under Project Galileo and we partnered with nine new civil society organizations to really help us identify these organizations looking for our security protections.
So to give you an idea of our participants, we have a diverse, excuse me, group of organizations that are under Project Galileo in many different sectors.
So when looking through all the organizations on Galileo, we generally saw nonprofits, independent media, issue-based activists, civil society, and NGOs, including artists and others.
So from there, we really wanted to identify the focus areas of many of these organizations to understand what areas they work in, in the public good.
So as I said, nearly 23% of the organizations are related to journalism and independent media, as these groups tend to be directly targeted, as we saw with the Ukrainian news site during the annexation of Crimea.
And then another group that we identified, which is a large portion of Galileo, is community building and social welfare organizations.
So these organizations tend to be working in alleviating poverty, promoting equality, supporting refugees, or small communities focused on promoting their own cultural heritage.
We see a lot of that. And since the spread of COVID-19, many of our Galileo participants in this community building space have really shifted their efforts to relief funds.
So a lot of them are delivering essential personal protective equipment, emergency food distribution, and assisting frontline defenders in the regions that have been really hit hardest by the virus.
And when the virus had first started, we saw there was actually a 40% increase between March 16 and April 1 of applicants to Project Galileo with organizations related to COVID-19 relief efforts and information.
So nearly six years ago, we founded Galileo because we noticed this disturbing trend of disproportionate attacks against at-risk organizations and individuals that were advocating for marginalized groups.
So last year we reported that 60% of sites under Galileo experienced daily attacks and saw malicious traffic 27 days out of the 30-day period that we had surveyed.
Now in 2020, we noticed that the web application firewall mitigated 2.4 billion cyber attacks on domains under Project Galileo, and that's just in 2020, and it's an average of 17 million attacks per day.
So these organizations are doing really important work and risking their lives around the world.
And many of them use the Internet to reach their audience, whether it's African journalists covering government corruption, LGBTQ communities in the Middle East, or human rights groups in repressive regimes.
Unfortunately, they all face the risk that the powerful forces that oppose them will use cyber attacks to silence them, as we've seen with the data.
So one of the parts about Project Galileo and Cloudflare is that we often see in the past, these real world protests and violence are usually accompanied by attacks on the Internet.
And these past couple weeks have really been no exception, with the shocking murder of George Floyd on May 25, followed by the widespread protests and violence in the United States.
And at the same time, Cloudflare saw this huge uptick in cyber attacks, particularly attacks on advocacy organizations fighting racism.
So in our six years of protecting organizations under Galileo, we have often seen online attacks used in combination with physical violence and threats.
So there are many organizations fighting racism who participate in Project Galileo.
And unfortunately, if recent history is any guide, those who speak out against oppression will continue to face these types of attacks and attempts to silence them.
And we really want these groups to have the tools that they need to keep them online so that they continue the great work they're doing and really not have to worry about being taken down by malicious actors or these large influxes in traffic.
So as I said, we currently have more than 1000 organizations under Galileo and the privacy of these organizations is essential, as many of them are directly targeted for the work they do.
So we don't publicly share stories from our Galileo organizations due to the sensitive nature of the work many of them do, but I'm going to share some stories from organizations that have allowed us to share their stories.
Also this week, we're sharing a bunch of stories from organizations that are working in providing relief effort to COVID-19.
So we're super excited to share more of those stories this coming week. So the first one, VAS Portugal.
VAS Portugal, which began really as a volunteer effort around fires that were ravaging the forest in Portugal in August 2018.
So when the fires actually began, this group united on Twitter to share important information across the globe.
And while traditional media sources remained silent, after connecting with each other, the volunteers decided to create one single Twitter account to keep those at risk informed of the fires movements.
So, then when Hurricane Leslie descended upon Portugal in September 2018, the same group leveraged their Twitter account to really help predict which areas would be the most dangerous and be able to warn locals.
So the groups reporting during the hurricane lent a lot of credibility to the organization.
And so the European Virtual Operations Center support team, which is called VAS Europe, invited them to join this group.
So more than a year later, VAS Portugal is really focused on dismantling the communications of official entities on social networks and helping those directly and indirectly impacted by natural disaster and other types of information.
And everybody at VAS Portugal is a volunteer who works for the benefit of the community.
So what they do is they have a virtual online support team and local authorities actually come to them with information to distribute to the general population, which they share via their website and they create new subdomains for each event or incident.
And VAS applied to Project Galileo during the fuel crisis in Portugal in early 2019 and they were actually serving more than 12 million page views in a matter of 48 hours.
So this put a lot of pressure on their origin server, which caused many infrastructure problems as a lot of their viewers were legitimate requests of people trying to get up to date information on these events that were occurring.
So we're really happy to provide them protection under Galileo so they can keep providing this essential information to the public.
And then Corona Safe Network.
So they actually joined in the past couple months. We've seen we've seen this increase of applications for Project Galileo related to COVID-19 efforts.
So a lot of these organizations have spearheaded separate initiatives, such as symptom tracking sites, personal protective equipment donations, DIY face mask creations, and other types of related efforts.
And one of these organizations is actually Corona Safe.
So Corona Safe is an open source guide in India on how to stay safe during the pandemic.
So they joined Galileo in March 2020 and in about two weeks they launched 20 projects in multiple languages.
So these projects include access to information about the spread of COVID-19.
They also have information about telemedicine options, food delivery networks, and they have a map of COVID hotspots in the Corolla region in India.
And they're seeing about 10,000 visitors per month, with an increase of about 2,000 up per week.
And we were able to onboard them to Galileo in a quick amount of time.
And then we also have we also have the Women's March Global.
So they're an international organization founded on January 21, 2017 and they really seek to unite grassroots movements worldwide.
So really on their platform, they host a lot of different types of meetings.
So interested parties can join Women's March Global as members and they have many different chapters that you are able to join.
And they do this all on their website and online.
And due to the international scale of Women's March Global, they need a way to reach remote clients all over the world.
So the traffic profiles of their web property is very dynamic and they noticed that they would get these spikes of traffic around major events like the Anniversary March that draws a lot of media attention.
So it makes it hard to predict traffic and scale platform capacity really on the back end.
So they joined Project Galileo to not have to worry about when they would see these spikes in traffic so they can stay online so they don't have to worry about their site going down during a really important time during their events.
So coming this week, since it's the sixth anniversary of Project Galileo, each day we're having a Cloudflare for TV segment from organizations that want to share the work that they're doing and the importance of protecting groups such as these on the Internet.
So tomorrow we have the Water Project, which provides reliable sanitation types of sanitation centers.
They create these sanitation centers in sub-Saharan Africa.
They're really cool organization and then they've actually expanded their operations in health and hygiene to more than 38 communities in the region.
So super excited for that. And then we're also talking with Samaritans, which is a UK based organization that provides around the clock emotional support and campaigns to really make suicide prevention a national and local priority.
And then Thursday, we have a huge day.
We have Zoe, who will discuss, they build an app for COVID-19 tracking and how they handle traffic spikes during the pandemic.
And then we also have the International Policy Center for Inclusive Growth and they built this social protection platform that's been really crucial in helping communities during COVID-19.
And then we also have Conquer COVID Canada, which is also working in providing essential workers access to masks, gloves, and other types of supplies.
And then at the end of the week, the Carter Center, who is one of our new partners, is going to be talking about what it's like to be a partner and what more we can do to help vulnerable voices online.
So I'm happy to take any questions or comments.
If you're an at-risk organization looking for protection under GALILEO or want to learn more about the services or read other types of case studies from our other GALILEO participants, visit our website and send in an application.
So I'll see if there are any questions. I think we are good.
Well, thank you everybody for your time and I'm super excited for a lot of the other Cloudflare 4 TV segments.
Hi, we're Cloudflare.
We're building one of the world's largest global cloud networks to help make the Internet faster, more secure, and more reliable.
Meet our customer, Falabella.
They're South America's largest department store chain, with over 100 locations and operations in over six countries.
My name is Karan Tiwari.
I work as a lead architect in Adesa E-Commerce at Falabella.
Like many other retailers in the industry, Falabella is in the midst of a digital transformation to evolve their business culture to maintain their competitive advantage and to better serve their customers.
Cloudflare was an important step towards not only accelerating their website properties, but also increasing their organization's operational efficiencies and agility.
So I think we are looking at better agility, better response time in terms of support, better operational capabilities.
Earlier, for a cash purge, it used to take around two hours.
Today, it takes around 20 milliseconds, 30 milliseconds to do a cash purge.
The homepage loads faster. Your first view is much faster. It's fast. Cloudflare plays an important role in safeguarding customer information and improving the efficiencies of all of their web properties.
Cloudflare is a perfect illustration of how we can deliver value to our customers in a fast way.
With customers like Falabella and over 10 million other domains that trust Cloudflare with their security and performance, we're making the Internet fast, secure, and reliable.
Reliable for everyone. Cloudflare. Helping build a better Internet.
A unique URL can now be shared or published in any web browser.
Your videos are delivered across Cloudflare's expansive global network and streamed to your viewers using the stream player.
Stream provides embedded code for every video.
You can also customize the desired default playback behavior before embedding code to your page.
Once you've copied the embed code, simply add it to your page. The stream player is now embedded in your page, and your video is ready to be streamed.
That's it. Cloudflare Stream makes video streaming easy and affordable. Check out the pricing section to get started.
Thank you for watching.