A distributed denial of service attack (DDoS) is a type of digital attack where a hacker exploits thousands, or even millions, of computers and tricks them into visiting a website at the same time. The resulting flood of traffic often overwhelms servers and the website goes offline.
Independent news sites, election monitors, and human rights groups often don’t have the resources to protect themselves from attacks, which makes them an easy target for people who wants to censor free expression, says the internet firm Google.
Hence its Project Shield which uses a reverse proxy, which allows a webmaster to serve their site through the company’s infrastructure for free, providing a “shield” against would-be attackers. So far, according to the firm, it’s protected hundreds of news organizations and human rights websites that have faced attacks aimed at censoring free expression.
Comments
David Emm, principal security researcher at Kaspersky Lab, said that Google’s launch of Project Shield to protect against DDoS attacks highlights the capability for businesses to guard against such attacks, or risk financial loss, severe reputational damage, and possibly the loss of valuable customers.
Emm said: “DDoS attacks are nothing new; they’ve been a threat for many years and are one of the most popular weapons in a cybercriminals’ arsenal. However, we’ve noticed attacks have become persistent and sometimes against the same organisations. In fact, Kaspersky Lab found that in 2015, one in six (16pc) companies worldwide suffered a Distributed Denial of Service (DDoS) attack, with the attack rate rising to one in four (24pc) for enterprises.
“The problem is that today DDoS attacks can be set up cheaply and easily, from almost anyone, whether that be a competitor, a dismissed employee, socio-political protesters or just a lone wolf with a grudge. In fact, although the cost to businesses from this kind of attack is on average around £291,000, the simplest DDoS attack can be acquired for only £32.30 and ordered anonymously. As a result, the volume of attacks has rapidly increased in recent years, so it’s imperative that businesses find an effective way to safeguard themselves from such attacks in 2016. Companies can do this by partnering an internal specialist with an internet provider, to actively filter and weed out these types of crude attacks, and decrease the cost of customer protection, as well as reduce the risk of loss to the company.”
And Igal Zeifman, Senior Digital Strategist at Imperva, said “Project Shield is a valuable solution that highlights an important issue: the existence of cheap DDoS-for-hire services that enable anyone to launch DDoS attacks of substantial size, against any target. Google is also correct in assuming that news sites are amongst the most prominent targets for DDoS offenders. The solution Google offers combines traffic filtering and the ability to present cached content while a website is dealing with more traffic than it can handle. This can help against certain attack vectors, but it doesn’t fully addresses the different DDoS threats that websites are facing today. For instance, it cannot mitigate network layer attacks, especially direct-to-IP attacks that target specific IP addresses and elements of a network’s infrastructure. There is also the question of attack duration, as many DDoS assault can be easily sustained for days, weeks or even months at a time. For attacks like these, serving stale cached content is a hard compromise, perhaps even more so for a news organization.
“In short, Project Shield can be an effective and important initiative to provide application layer protection for news organizations with no access to dedicated mitigation solutions. Depending on the duration and type of attack, however, a more targeted solution may prove beneficial.”
Picture by Mark Rowe; Northampton town centre.
