X

Google's Project Shield defends free speech from botnet scourge

It's an effort to save journalists, activists and others from botnets of hacked DVRs and security cameras used to swamp websites with data.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
3 min read
1-kbu3aw7jvrjc40hpd3ieg.jpg

Jigsaw, formerly known as Google Ideas, created Project Shield to protect against DDoS attacks.

Jigsaw

Akamai, which speeds website content to users, had never seen anything like it.

At nearly 620 gigabits of traffic per second, an "extremely large and unusual" attack flooded the website of cybersecurity journalist Brian Krebs with page-view requests, knocking it offline.

In what's known as a distributed denial-of-service (DDoS) attack, hackers had conscripted hordes of connected gadgets like digital video recorders, routers and digital cameras into a botnet, which overwhelmed his website, Krebs wrote on September 21.

Imagine servers as buckets, and normal traffic as drops of rain. DDoS attacks would be water from hoses, causing the buckets to overflow and preventing any raindrops from actually getting in.

The security needed to ward off the attack would have cost Krebs up to $200,000 a year, but Google's Project Shield stepped in to fend off the DDoS attack for free.

Krebs' page was back up and running on Sunday.

The attack shed light on a little-known but important service offered by Google, one designed to protect journalists, news sites, election-monitoring sites and human-rights advocates from cyberattacks.

Project Shield is one of the free-speech protection tools offered by Jigsaw. The New York City-based think tank, formerly known as Google Ideas, changed its name in February after Google restructured to become Alphabet.

Jigsaw's goal, says its website, is to use technology to "make people in the world safer," taking on issues like censorship, corruption and extremism.

DDoS attacks have only grown since Project Shield saved Krebs. On Thursday, internet service provider OVH Hosting said it was hit with more than 1 terabit per second of traffic -- a record, say some -- from a botnet made up of 145,607 cameras and DVRs.

Who gets help from Project Shield?

Project Shield works by receiving traffic requests on your website's behalf, then filtering out the actual visitors from the legion of spambots. Going back to the bucket analogy, Project Shield would be like having Google's massive bucket covering your servers, taking in the rainwater and the flood from the hose, and then passing along only the rainwater through to your bucket.

For now, the protection is available only to a select group.

Websites across the world, like El Ciudadano in Chile, Marques in Angola and The Local in Europe are using Project Shield's services.

"We offered the free service to those groups first because they can be especially vulnerable to DDoS attacks, and many of them lack the resources to engage paid DDoS-mitigation services," according to Jigsaw.

The project originally started as a way of countering state-sponsored DDoS attacks, but in Krebs' case, he pointed out that his assailants were most likely private individuals who built up an army for the botnets. The scenario presents a new challenge for Project Shield, as DDoS attacks continue to grow and as more internet of things devices become activated.

Project Shield has been notifying owners if their machines have been hijacked for DDoS attacks, and it's been pinpointing networks that allow this to happen, according to Jigsaw. The think tank has been studying the DDoS attack Krebs suffered and using it to improve its own defenses.

Despite Project Shield's presence, the use of these attacks to stifle free speech will continue to be a problem.

"The internet can't route around censorship when the censorship is all-pervasive and armed with, for all practical purposes, near-infinite reach and capacity," Krebs said.