Hiding in Google’s Cloud From DDoS Cyber Attacks

In the world of cyber crime, one method that is on the increase is the DDoS or ‘Distributed Denial of Service’ attack in which the perpetrator uses multiple compromised systems (that are often infected with a Trojan virus) to launch a single attack on one system.

The result is to overwhelm that system rendering it unavailable. You may have read of an attack recently that used a Pingback feature loophole to leverage 26,000 WordPress websites to launch a DDoS.

Similar high profile attacks have been launched on Xbox Live and PlayStation Network gaming and one of the main reasons why these attacks have become so popular among cyber criminals is that they can inflict large scale damage for minimal cost, while minimising the risk of being detected. It is estimates that a DDoS attack can cost the criminal around £30 to execute (presumably excluding labour costs) and it can be ordered anonymously.

For the business that is the focus of the attack the results can not only be the temporary disruption, but the fallout from that disruption which can include lost customers, bad press and damage to reputation.

In monetary terms estimates of the average cost of this kind of attack to a business is around the £300,000 mark.

Google To The Rescue – (Mainly For News Sites)

In the light of the increasing risks of DDoS attacks, those who run news, human rights or elections sites which host “free expression” content can gain some comfort from the fact that Google is now offering protection in the safety of its Cloud as part of what it is calling “Project Shield”. The free service is inviting applications through its website https://projectshield.withgoogle.com/public/ .

According to Google’s Project Shield, if the online application is approved the successful webmaster will be emailed the configuration instructions, and provided they have administrative privileges for the website, and they can modify DNS records, protection for DDoS attacks for their website can be set up in as little as 10 minutes.

How It Works

Google’s Project Shield uses a technology known as “reverse proxy” to route a website’s traffic through Google’s infrastructure (Google Cloud Platform), whereby “illegitimate traffic” can be stopped from reaching the server.

Google suggests that the service is akin to “a train conductor only letting ticketed passengers aboard”.

Although it is unlikely to noticeably affect a website’s performance, users from countries where Google’s IP addresses are blocked will not be able to access the content served through Project Shield.

Next stop … a paid service from Google … for regular business users?