I consider myself a small part of the Brian Krebs’ readership community. The guy has been contributing at so many different levels to web security for a couple of years now. If you haven’t heard about him, you can head over to his official website; not only is the guy a journalist, but also a self taught hacker who makes a decent living.
So anyway, Brian’s website was reportedly attacked by an insane amount of fake traffic spike ranging at nearly 620 Gbs. This was another example of bot powered DDoS attack that has been executed by other hackers or hacking groups against many online platforms in the year. In fact, an earlier website where I used to create content was also taken down once.
At first we thought that we were getting legit traffic to a webpage that went viral, but it turned out to be a DDoS attack. Long story short, that old website remained offline for a day or two, hence affecting the readers from all over the world.
In one of his posts on September 21, 2016, Brian Krebs highlighted the DDoS incident as an onslaught of “digital video recorders, routers, bot traffic, digital cams and etc., all of which was funneled to his website to take it down for a good amount of time.”
If you have no knowledge of a DDoS attack, it is designed to affect a target website through an insane amount of page view requests or visitors. Since a normal website, or even a premium hosted account is not handled by default to experience these awful traffic spikes, the resulting website goes offline temporarily. Depending on the intensity of the attack, the webmaster may have to contact his web hosting customer support to report the incident for an immediate resolution.
…which brings us to Google’s Project SHIELD:
No it is not similar to Marvel’s Agents of S.H.I.E.L.D series; maybe the agenda is the same i.e. to kill the bad guys or something. However, in Google’s case, their program was launched to serve and protect people of the internet. In other words, Shield AKA Jigsaw is a free speech protection tool that thrives to prevent cyberattacks on all fronts.
Since DDoS qualifies as one of such attacks, Krebs sought the help of Project Shield to bring back his website and set counter measures to prevent such incidents from happening in near future. If you have been at the short end of the stick, you need to seek Project Shield services. The program will monitor your web traffic on behalf of your website, and then it will filter out possible spam bot attacks.
At the moment, Google is still in the testing phase with Project Shield, which is why their program is available to select number of clients/ websites from across the world. For instance, European website owners are benefitting from Shield’s protection because the region is known for worst spam and DDoS attacks. According to a Project Shield correspondent,
“We offered the free service to those groups (in Europe) first because they can be especially vulnerable to DDoS attacks. Many of them lack the resources to engage paid DDoS mitigation services.”