Sicurezza

Jigsaw’s Project Shield Will Protect Campaigns From Online Attacks

With midterm elections looming and primaries already underway in many states, anxiety has been building over the possibility of cyberattacks that could impact voting. Though officials and election security researchers alike are adamant that voters can trust the United States election system, they also acknowledge shortcomings of the current security setup.

Little time remains to meaningfully improve election security before the midterms. But Google parent company Alphabet’s experimental incubator Jigsaw announced on Tuesday that it will start offering free protection from distributed denial of service attacks to US political campaigns. DDoS attacks overload a site or service with junk traffic so that legitimate users can’t access it. For the last two years, Jigsaw’s Project Shield has focused on fighting DDoS where it might be used for censorship around the world, offering free defenses to journalists, small publications, human rights groups, and election board sites. Now, those tremendous resources and that technical expertise will extend to political campaigns.

“We’ve been doing Shield for a little over two years now, and we keep seeing this correlation where you see spikes in attacks particularly at organizations that have really important information around things like elections or conflict in the world,” says George Conard, the Project Shield product manager at Jigsaw. “In working on protecting news and elections information we’ve realized that the third piece of that equation of what information voters need during an election is from the candidates and the campaigns themselves.”

Project Shield currently protects hundreds of websites in 80 countries, and memorably stepped in to take over defense of journalist Brian Krebs’ website “Krebs on Security” after it was hit by a massive DDoS attack in September 2016.

Project Shield offers DDoS defense by acting as what’s called a “reverse proxy”. Instead of traffic flowing directly into and out of a site’s web servers, it is first routed through an intermediary that scans everything coming in for potentially malicious packets. The proxy will drop any deleterious requests, making the setup especially useful for defending against DDoS attacks. Even if a proxy is caught off guard at first and initially accepts junk traffic from an attacker, it can be quickly modified to start filtering the bulk requests out, limiting disruption.

Project Shield’s proxy is built on Google Cloud Platform, and also offers caching through Google. This means that the tool stores the parts of a website that don’t change often and serves those components directly to users without any requests even going to a site’s actual servers, reducing bandwidth demands even more to make it easier for a site to handle its daily processing and traffic load.

‘We keep seeing this correlation where you see spikes in attacks particularly at organizations that have really important information around things like elections or conflict in the world.’

George Conrad, Project Shield

Though the US intelligence community and Department of Homeland Security has consistently said that no votes were changed as the result of Russian election meddling in the 2016 presidential race, news about election hacking continues to surface, reinforcing concerns about the future. Just last week, the Anchorage Daily News reported that a hacker partly infiltrated Alaska’s public elections website on Election Day 2016. That intrusion is in addition to other election infrastructure probing in Alaska, and 22 other states, that DHS confirmed last year. And though DDoS attacks like those Project Shield defends against may not seem like the hack of choice for elections, that could change. Just last week, reports surfaced that during the midterm primaries in Tennessee on May 1, an election results website went down in Knox County because of a DDoS attack.

From offering its service to electoral commissions around the world, Project Shield researchers have seen the disruption that DDoS attacks on election-related sites can cause. For candidates, campaigns, and political action committees, site downtime on election day can mean that people have less access to information about how and where to vote. And those who are still weighing their options at the last minute could end up without the information they need about candidates. DDoS attacks could also be silencing throughout a campaign season for unknown or grassroots candidates attempting to first reach a base and build momentum.

“Our focus right now is making sure we get the word out to as many political organizations as we can that the threat is out there,” Conard says. “I would anticipate that we’ll see some spikes as different primaries crop up, so we’ll help anyone at any time, but the sooner people get protected the better. This isn’t something to wait until the last minute to do.”

Any US political campaign of any party affiliation will be eligible to have their websites protected by Google Shield. Conrad also notes that the move fits into Jigsaw’s larger election security awareness initiatives like the suite of cybersecurity tools Jigsaw and Google offer called “Protect Your Election.” And though DDoS attacks may or may not emerge as a central issue in election security, the more protections organizations have the better—especially given how many defense improvements around the country won’t be completed by the midterms just six months away.

More Great WIRED Stories