Being labeled a supporter of terrorism was the last thing on Dennis Henry’s mind as he walked into work at the HostDime.com web hosting company in Orlando recently.
But when it was revealed last week that the company was one of several in the United States and Canada hosting Syrian government websites, that’s the very label he found himself fending off.
“We got a lot of negative press. Some reports suggest we wanted to support the Syrian government,” Henry told FoxNews.com on Tuesday. “We got attacks on our servers from people thinking we were sponsoring terrorism.”
An executive order signed by President Barack Obama in April prohibits American companies from providing all manner of technological support for the Syrian and Iranian governments, including web hosting services. The president cited “the commission of serious human rights abuses against the people of Iran and Syria by their governments, facilitated by computer and network disruption, monitoring and tracking by those governments.” Both countries are subject to strict international economic sanctions that prohibit companies from doing business directly with either government.
President Bashar Assad is currently under international pressure to step down amid the growing call for regime change and an armed rebellion that has killed an estimated 40,000 Syrians, according to human rights observers, and displaced nearly half a million.
HostDime.com wants nothing to do with the regime, Henry said, but as it turns out, a client whose servers are leasing space at the Orlando facility had been unknowingly hosting the website for Syria’s ministry of religious affairs, or Woqf. That client was contacted as soon as HostDime.com found out, and the site shut down.
“Within 24 hours he reacted and removed it and it’s been inactive ever since,” Henry said. “We took swift action — as fast as humanly possible.”
HostDime was not the only one faced with a violation of the executive order. When Syrian government websites remained online despite a shut down of all Internet services in Syria last week, a November report by Canandian researchers started getting a second look. It indicated that several government websites are still being hosted by American companies.
According to Citizen Lab, a project of The University of Toronto, the Syrian government had moved a vast number of its websites to European hosts over the last year. According to “The Canadian Connection: One Year Later,” a handful remained here as of last month. They included:
— The Sana News Agency (Ministry of Information), sana.sy, hosted on SoftLayer Technologies, Texas.
— The Ministry of Economy and Trade, Syrian Patent Office, spo.gov.sy, hosted on PrivateSystems Networks, New Jersey.
— The Hama City government, hama.gov.sy, hosted on WeHostWebSites.com, Colorado
— The Prime Minister’s Office, General Authority for Development, gcb.gov.sy, hosted on Jumpline in New York.
— The Ministry of Religious Affairs in the now-besieged city of Aleppo, aleppowakf.gov.sy, hosted on Secured Private Network, California.
Several of these companies were contacted by FoxNews.com and they all told the same story: Because of the nature of web hosting, there could be numerous clients between themselves and the actual website.
Most had no idea the Syrians were roosting on their space.
“It’s effectively impossible [to know],” said Jay Sudowski, founder and partner in the Colorado-based Handy Networks, which runs WeHostWebsites.com. “In this particular instance, we have an international customer, they ordered a dedicated server from us, we supplied a server and connected disk space and that was it.
“After that, we had nothing to do with it,” Sudowski told FoxNews.com.
When they were tipped off about the Hama city website, “within a few minutes … it was offline.” The company blocked the IP address for the network, and “probably took several hundred websites off as we were doing so,” he said. When they drilled down to the domain name in question, they were able to take it offline and restore service to the others.
“Obviously it was not like we knew about it — we did not take any money from Syria,” he told FoxNews.com. “To top it off our customer was an international company so they aren’t necessarily aware of American laws.”
Other companies said they have been actively responding to instances of abuse or violations. New Jersey’s PrivateSystems Networks has publicly said it no longer hosts the websites in the report. When contacted, Jumpline said through a spokesman that it’s been “proactive” in monitoring abuse, including running new clients through a scan for disallowed countries.
But it did not catch Syria’s Ministry of Defense’s website, which likely went up after the scan. When Jumpline did find out, the site was taken down immediately, according to company officials.
Henry said his company realistically hosts about 5 million websites at any given time, either directly or through a vast network of client hosts, or, as is in this case, through a client server that is co-located in their physical space.
“I went through and looked at the other hosts” caught up with Syria. “I would say 99 percent were in the same situation as us. They offer a server or have servers in their data center … there could be any number of people between them and the provider. They sell hosting to someone who sells hosting to someone who sells hosting to the Syrian government. It is a very difficult thing to control. We do our best to ensure that our clients are in compliance.”
Sarah McKune, a senior researcher with Citizen Lab, said her group began tracking down the IP addresses for specific websites after one of their members in the Middle East became suspicious that Syrian government sites were being hosted in Western countries, likely because services abroad are much more reliable.
She understands the elusive nature of web hosting and the resources that would be required to monitor all activity — which seems impossible, given that some of these companies have millions of websites under their umbrellas.
“It’s a very difficult question and it raises a lot of issues in terms of compliance and ethics and legal matters,” she told FoxNews.com. Citizen Lab became involved in tracking down these addresses because like the Obama administration, they believe Syria is using information technology as a political tool of oppression and propaganda, and Western countries should be aware if they are assisting them — however unwittingly — in that endeavor.
“The information and technology sector has really become an inherently political space, and it’s a space that is used for political messaging, mobilization and information control. And while some companies have addressed that fact, a lot of companies need to build that understanding into their internal processes,” she said.
McKune said her group does not want to “police the Internet,” but rather spark dialogue on how companies can institute better practices — something that Henry and the others say they are now trying to do, despite the cost and the technological challenges.
“They have to realize that they are not only providing a service,” she said, “but a platform for their customers.”