Business continuity amid the invasion of Ukraine
As the invasion into Ukraine continues to escalate, the Fastly team is actively monitoring the health, availability, and performance of our edge cloud network along with maintaining close communication with our customers. Our network and products remain performant and fully operational.
Our security program has been designed with the NIST Cybersecurity Framework in mind. Our normal operating posture aligns with the Cybersecurity and Infrastructure Security Agency’s (CISA) guidance defining a heightened cybersecurity readiness posture. We will continue to enact our standard incident management processes should they be required, although we do not anticipate any change to the performance or reliability of our global network. As an essential business for many, we have worked extensively to prepare our continuity plans, which ensure our core systems, processes, and staff will be resilient.
Understanding the threat landscape
Related to the invasion of Ukraine, the most likely goal of an attack against a Fastly customer is in support of misinformation, disinformation, and malinformation (MDM). To attempt to proliferate MDM, an attacker would push their own agenda and amplify it, or could seek to alter existing information by compromising an information source or the supply chain of the source. In support of MDM campaigns, an attacker can also seek to suppress authoritative sources of valid information via denial of service attacks.
We are also aware of the possibility of censorship at a network level. Russia has the ability to block IP addresses at their internet borders and have done so in the past. It is feasible that they would do so again, and we are actively monitoring for this type of Denial of Service at Russia’s borders.
Fastly is also monitoring security threats without a clear MDM goal surrounding the events, including targeted phishing, wiper malware, DDoS attacks, and compromises of websites. At this time these incidents have remained local to entities based in Ukraine, Belarus and Russia. Fastly does not have POPs or other assets in Ukraine, Belarus, or Russia, meaning they are not exposed to these localized threats. We will continue to maintain a heightened situational awareness and take appropriate actions with any customers impacted.
Additionally, we are aware of the risk of possible attacks against customer accounts with an attacker's goal of altering customer configurations in support of proliferating MDM. We have no indications of such attacks at this time.
Recommended customer actions
Fastly’s security program provides a strong foundation to aid in our customers’ goal of protecting against MDM, but this is a shared responsibility. While Fastly is taking care of the security of the platform beneath customer applications, there are some steps customers can take to better prepare for cyberattacks. Most importantly, review CISA’s Shields Up guidance to assess readiness for a cyberattack. Apply the guidance where appropriate to shore up defenses. As the situation in Ukraine continues to evolve, our guidance will also continue to evolve.
Currently, we recommend customers consider ensuring requests are served from cache as much as possible and use request collapsing and shielding, investigating Edge Rate Limiting for assistance with high-volume, fast-acting attacks, and implementing a web application firewall for more fine-grained controls regarding denial of service and other types of attacks.
In addition to the considerations above, to optimize customer readiness for these possible attacks, we recommend you verify that you have enabled multi-factor authentication on all of your Fastly accounts.
We have a globally distributed workforce that continues to operate 24 hours a day, 7 days a week. If you have concerns about your Fastly services, please continue checking our Statuspage. Our account management and support teams will continue to support our customers in the capacity they always have. If customers have further questions or concerns, they should not hesitate to reach out to their normal Fastly contact, or file a ticket with firstname.lastname@example.org.