{"id":88594,"date":"2023-03-29T09:38:43","date_gmt":"2023-03-29T09:38:43","guid":{"rendered":"https:\/\/www.techrepublic.com\/?p=4057257"},"modified":"2023-03-29T09:38:43","modified_gmt":"2023-03-29T09:38:43","slug":"with-political-hacktivism-on-the-rise-google-launches-project-shield-to-fight-ddos-attacks","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=88594","title":{"rendered":"With political \u2018hacktivism\u2019 on the rise, Google launches Project Shield to fight DDoS attacks"},"content":{"rendered":"<figure id=\"attachment_4057259\" aria-describedby=\"caption-attachment-4057259\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-article wp-image-4057259\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2023\/03\/with-political-hacktivism-on-the-rise-google-launches-project-shield-to-fight-ddos-attacks.jpg\" alt=\"The Google Cloud outside their headquarters.\" width=\"770\" height=\"514\"><figcaption id=\"caption-attachment-4057259\" class=\"wp-caption-text\">Image: Sundry Photography\/Adobe Stock<\/figcaption><\/figure>\n<p>As has been widely <a href=\"https:\/\/www.radware.com\/newsevents\/pressreleases\/2023\/radware-full-year-2022-report-malicious-ddos-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">documented<\/a>, distributed denial of service, or DDoS, attacks rose precipitously last year. A microcosm of this upward trend involved exploits targeting public information sites and tied to political events, including the war in <a href=\"https:\/\/cip.gov.ua\/en\/news\/shodo-kiberataki-na-saiti-viiskovikh-struktur-ta-derzhavnikh-bankiv\" target=\"_blank\" rel=\"noopener noreferrer\">Ukraine<\/a> and the midterm elections in the U.S.<\/p>\n<p>In response to the rise in politically motivated DDoS attacks, Google is offering a free service called <a href=\"https:\/\/projectshield.withgoogle.com\/landing\" target=\"_blank\" rel=\"noopener noreferrer\">Project Shield<\/a> to government sites, news and independent journalists, sites related to elections and voting, and sites that cover human rights (<strong>Figure A<\/strong>).<\/p>\n<p><strong>Figure A<\/strong><\/p>\n<figure id=\"attachment_4057260\" aria-describedby=\"caption-attachment-4057260\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-article wp-image-4057260\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2023\/03\/with-political-hacktivism-on-the-rise-google-launches-project-shield-to-fight-ddos-attacks.png\" alt=\"Spike in candidate websites during the 2022 midterm elections.\" width=\"770\" height=\"332\"><figcaption id=\"caption-attachment-4057260\" class=\"wp-caption-text\">Image: Google. Spike in candidate websites during the 2022 midterm elections.<\/figcaption><\/figure>\n<p><strong>SEE<\/strong>: Read <a href=\"https:\/\/www.techrepublic.com\/article\/devsecops-security-software-cycle\/\">here<\/a> to learn why it\u2019s \u201cshields up\u201d time for all enterprises \u2014 public or private sector.<\/p>\n<aside class=\"pinbox right\">\n<h3 class=\"heading\">Must-read security coverage<\/h3>\n<\/aside>\n<p>Network security firm Cloudflare <a href=\"https:\/\/info.cloudflare.com\/rs\/713-XSC-918\/images\/BDES-4180_DDoS-Trends-Report-Q4-2022-WP-Letter.pdf?mkt_tok=NzEzLVhTQy05MTgAAAGKtDwRJ-Y9B7Rol9zPeMWPEV4ZSn-8GSkm9qP4Qre6K8CxgKpS-GgrDz27oG2_YwzUQgjYY6kJAgrI2pny0-5jq0tNRxfpl_DJ8F10LQ2sc6CFrKBesg\" target=\"_blank\" rel=\"noopener noreferrer\">reported<\/a> DDoS attack traffic worldwide increased by 79% year-over-year in Q4 2022. It noted that most of the attacks were small, but standouts were terabit-strong DDoS attacks in the hundreds of millions of packets per second, with large-scale attacks powered by botnets.<\/p>\n<p>Microsoft noted in a February <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/02\/21\/2022-in-review-ddos-attack-trends-and-insights\/\" target=\"_blank\" rel=\"noopener noreferrer\">blog<\/a> post that 42% of all DDoS attacks last year occurred in the U.S. Examples in the U.S. and other countries of politically motivated attacks last year include:<\/p>\n<ul>\n<li>Russian state actors launched a DDoS <a href=\"https:\/\/www.cnn.com\/2022\/07\/08\/politics\/congress-website-disrupted\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\">attack<\/a> against U.S. Congress websites in July.<\/li>\n<li>In November 2022, the European Parliament\u2019s website was <a href=\"https:\/\/www.politico.eu\/article\/cyber-attack-european-parliament-website-after-russian-terrorism\/\" target=\"_blank\" rel=\"noopener noreferrer\">attacked<\/a> by pro-Russia hacker group, Killnet.<\/li>\n<li>Cybersecurity firm <a href=\"https:\/\/www.radware.com\/getattachment\/ba8a3263-703b-4cc7-a5d0-741dc00e9273\/H1-2022-Threat-Analysis-Report_2022_Report-V2.pdf.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">Radware<\/a> reported DDoS attacks by Malaysian hacktivists against Israel and India as a response to political events.<\/li>\n<li>CNN, Rappler, ABS-CBN, and VERA Files were hit by politically motivated DDoS attacks, according to Radware.<\/li>\n<\/ul>\n<p>In its own <a href=\"https:\/\/cloud.google.com\/blog\/products\/identity-security\/ddos-attack-trends-during-us-midterm-elections\" target=\"_blank\" rel=\"noopener noreferrer\">report<\/a> using data from Project Shield, Google noted that during last year\u2019s election cycle in the U.S., attacks against websites that self-identified as offering election information on their Project Shield application saw a surge in attacks:<\/p>\n<ul>\n<li>The company reported a 400% rise in DDoS attacks on its customers during last year\u2019s election season in the U.S.<\/li>\n<li>In the second half of 2022, Project Shield saw over 25,000 such attacks against customers, many of them 100,000 queries per second in size.<\/li>\n<\/ul>\n<p>\u201cOne thing we saw in Ukraine were targeted attacks to bring down critical infrastructure websites and other sites that help Ukraine communities get access to information. Same thing we see extended into our elections here: to deny users access to information,\u201d said Muninder Sambi, vice president, networking and security at Google Cloud.<\/p>\n<p>\u201cThese can happen from anywhere in the world,\u201d Sambi said. \u201cAll you need is public access to the site. Also if you don\u2019t have the technical prowess, you can purchase them from the dark web by DDoS for hire,\u201d he added. (<strong>Figure B<\/strong>)<\/p>\n<p><strong>Figure B<\/strong><\/p>\n<figure id=\"attachment_4057261\" aria-describedby=\"caption-attachment-4057261\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-article wp-image-4057261\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2023\/03\/with-political-hacktivism-on-the-rise-google-launches-project-shield-to-fight-ddos-attacks-1.png\" alt=\"DDoS attacks against Google Cloud customer sites spiked during the midterm election last November.\" width=\"770\" height=\"312\"><figcaption id=\"caption-attachment-4057261\" class=\"wp-caption-text\">Image: Google Cloud. DDoS attacks against Google Cloud customer sites spiked during the midterm election last November.<\/figcaption><\/figure>\n<h2>What is Project Shield?<\/h2>\n<p>Project Shield, created by Google Cloud and Jigsaw and powered by Google Cloud Armor, filters out malicious traffic using Google\u2019s infrastructure and DDoS tools.<\/p>\n<p><strong>SEE<\/strong>: Cybersecurity: <em>A<\/em> <em>la carte<\/em> or a comprehensive <a href=\"https:\/\/www.techrepublic.com\/article\/shadowit-leaves-security-grappling-low-visibility\/\">suite of solutions<\/a>?<\/p>\n<p>Sambi said the technology challenges both the most common DDoS attack: brute force exploits that overload target servers with queries, essentially shutting them down. He added that Project Shield is also automated, and driven by a machine learning-powered back end that enables a \u201cdefense in depth\u201d strategy.<\/p>\n<p>According to Google, to detect, deflect and mitigate attacks, Project Shield comprises the <a href=\"https:\/\/cloud.google.com\/armor\" target=\"_blank\" rel=\"noopener noreferrer\">Google Cloud Armor<\/a> network security system \u2014 which includes such features as an ML mechanism to detect and block application layer DDoS attacks, and bot management at the cloud edge. It also uses cloud-based <a href=\"https:\/\/cloud.google.com\/cdn\" target=\"_blank\" rel=\"noopener noreferrer\">content delivery networks<\/a> and <a href=\"https:\/\/cloud.google.com\/load-balancing\" target=\"_blank\" rel=\"noopener noreferrer\">load-balancing technologies<\/a>.<\/p>\n<p>\u201cLast year we stopped an attack, among the largest that has ever happened, that delivered 47 million requests per second, targeted to one of our customers,\u201d Sambi said. \u201cAnd without requiring the customer to configure anything, using full automation, we were able to protect against it.\u201d<\/p>\n<p>He added that a high level of automation with no customer defense cooperation needed was an important aspect of the product. \u201cA lot of our customers say it\u2019s really hard to manage a DDoS solution and to understand what constitutes legitimate attacks. Also, adversaries are getting bolder and using AI and machine learning tools to infiltrate web services across the globe in a way they can bypass DDoS mechanisms. So, with our ML back end we can tell which incoming requests are legitimate or not.\u201d<\/p>\n<h2>How Project Shield mitigates DDoS attacks<\/h2>\n<p>Project Shield is what is known as a reverse proxy. The platform\u2019s servers receive traffic requests on a website\u2019s behalf and then send traffic to the servers of the website that is using the security product. Google said Project Shield protects against DDoS by filtering harmful traffic and by caching versions of a website\u2019s content to serve to the site\u2019s visitors. This caching reduces traffic requests to a site\u2019s server, absorbing potential DDoS attacks.<\/p>\n<p>Additionally, Project Shield incorporates these additional features to protect clients against DDoS attacks:<\/p>\n<h3>Load balancing helps reduce impact of DDoS attacks<\/h3>\n<p>Load balancing distributes network traffic to prevent failure caused by overloading a particular resource, according to <a href=\"https:\/\/www.ibm.com\/topics\/load-balancing#:~:text=Load%20balancing%20lets%20you%20evenly,user%20requests%20quickly%20and%20accurately.\" target=\"_blank\" rel=\"noopener noreferrer\">IBM<\/a>. It improves the performance and availability of applications, websites, databases, and other computing resources, per the company. But, because it distributes traffic to different nodes it also reduces the force of a DDoS attack in the same way multiple route options for vehicles helps mitigate traffic jams during rush hour.<\/p>\n<h3>CDNs protects against DDoS by moving content to the edge cloud<\/h3>\n<p>Content delivery networks help cache content at the network edge, which improves website performance. By caching content at the edge, nearer the end user, the content provider is able to \u201ccarry\u201d less across networks, much as a hiker who caches their supplies along a route has less to carry along the way. According to <a href=\"https:\/\/www.cloudflare.com\/learning\/cdn\/what-is-a-cdn\/\" target=\"_blank\" rel=\"noopener noreferrer\">Cloudflare<\/a>, CDN also helps prevent interruptions in service, and mitigates interruptions caused by DDoS attacks.<\/p>\n<p>Sambi said both CDN and load balancing are already used by most Google Cloud customers.<\/p>\n<p>\u201cWhenever a customer of ours builds a web service in Google Cloud, or any other cloud, and wants global reach, they use a CDN offering so they can deliver the best customer experience for initial page loading,\u201d he said. \u201cCustomers use loading balancing to provide auto-scaling of the website when traffic on the website increases a lot.<\/p>\n<p>\u201cMany of our customers think of security as an afterthought, but one of our strategies is making sure security is embedded, not bolted on. That\u2019s why the Google Cloud Armor infrastructure is fully integrated into our load balancer as well as CDN, independent of where the user or traffic comes from, so we are able to defend against DDoS attacks.\u201d<\/p>\n<h2>Google says Project Shield stops almost all DDoS attacks<\/h2>\n<p>Google Cloud claims 95% efficacy of Project Shield in defending against DDoS attacks. It derives that percentage from its metrics covering probe attempts against all of its customers during periods of time during which Google Cloud\u2019s system classified websites as \u201cunder attack.\u201d In the context of Google Cloud, this would mean, among other factors, evidence of abusive traffic patterns from one or more clients.<\/p>\n<h2>What\u2019s to come? Experts say more political DDoS attacks<\/h2>\n<p>\u201cIn 2023, the democratization of DDoS and patriotic hacktivism will continue to drive an increase in smaller, more frequent attacks \u2013 a trend we are already seeing in the increased frequency of lower volume attacks in [Europe, the Middle East and Africa]. At the same time, expect the cybercrime underground to become even better organized and funded in its pursuit of hard-hitting attacks,\u201d said Google Cloud in a statement released Monday.<\/p>\n<p>Microsoft, in its blog, also reported politically motivated cybercrime increasing this year, with DDoS attacks becoming used as distractions to hide extortion and data theft. The company sees new IoT DDoS botnets emerging.<\/p>\n<p>\u201cAs geopolitical tensions continue to emerge globally, we will likely continue to see DDoS being used as a primary tool for cyberattacks by hacktivists,\u201d it said.<\/p>\n<h2>Who can apply for Project Shield?<\/h2>\n<p>News, human rights, and election monitoring websites are eligible to <a href=\"https:\/\/support.projectshield.withgoogle.com\/s\/article\/How-to-apply-for-Project-Shield?language=en_US&amp;r=51&amp;ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1\" target=\"_blank\" rel=\"noopener noreferrer\">apply<\/a>, according to Google, which said government entities under exigent circumstances and not subject to sanctions are also eligible. Project Shield individually reviews applications and invites eligible applicants on a rolling basis, according to the company, which explains pricing for its paid version <a href=\"https:\/\/cloud.google.com\/armor\/pricing\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/p>\n<h2>How to learn more about Google Cloud<\/h2>\n<p>If you are interested in learning more about cloud computing, get up to speed with the Google Cloud platform with a complete Google Cloud eBook and video course bundle. Check it out <a href=\"https:\/\/academy.techrepublic.com\/sales\/the-complete-google-cloud-ebook-video-course-bundle?utm_source=techrepublic.com&amp;utm_medium=referral&amp;utm_campaign=the-complete-google-cloud-ebook-video-course-bundle&amp;utm_term=scsf-558973&amp;utm_content=a0x1P0000057kroQAA&amp;scsonar=1\">here<\/a>.<\/p>\n<p> <!-- default newsletter at the end --> <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Image: Sundry Photography\/Adobe Stock As has been widely documented, distributed denial of service, or DDoS, attacks rose precipitously last year. A microcosm of this upward trend involved exploits targeting public information sites and tied to political events, including the war in Ukraine and the midterm elections in the U.S. In response to the rise in [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":88595,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[40,783,154,287,27],"tags":[],"class_list":["post-88594","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud","category-cloudsync","category-google","category-security","category-software"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/88594","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=88594"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/88594\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/88595"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=88594"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=88594"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=88594"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}