After the 2016 presidential election was targeted by (purportedly Russian) criminal hackers, state and election officials are wary of further cyber attacks on this year’s midterm elections.
On May 1, an election results website went down during midterm primaries in Knox County, Tennessee following a distributed denial-of-service (DDoS) attack. This type of attack overrides a website or service with junk traffic, effectively disrupting its functionality.
With little time left to improve election security before the midterms, Jigsaw, a subsidiary of Google’s parent company, Alphabet, is developing a free application that will defend US political campaigns from DDoS.
Project Shield was created to be used by journalists, small publications, human rights groups, and election board sites to fight against DDoS, and currently provides protection to websites in 80 countries. Now, the service is being extended to political campaigns.
“We’ve been doing Shield for a little over two years now, and we keep seeing this correlation where you see spikes in attacks particularly at organizations that have really important information around things like elections or conflict in the world,” George Conard, Project Shield project manager.
How Project Shield works
Project Shield provides protection against DDoS through a ‘reverse proxy’, an intermediary that scans incoming data. The proxy will drop any malicious requests made and, even if junk traffic passes through, the system can rapidly filter out the information with the flip of a switch.
Project Shield uses Google Cloud Platform and offers caching through Google, meaning that it can store certain parts of a website that don’t change much. Those components can be relayed without interacting with the site’s actual servers, reducing bandwidth demands.
Conard says that Project Shield is focused on getting the word out so that political organizations can recognize the threat and protect themselves. All US political campaigns, of any type and party affiliation, are eligible. Jigsaw also plans to expand on its election security awareness initiatives with a suite of data security tools called “Protect Your Election”.
Learn how to secure your organization by implementing an ISO 27001 ISMS
IT Governance’s ISO27001 Foundation and Lead Implementer Combination Online course will help you implement an information security management system (ISMS) aligned with ISO 27001, the international best-practice standard. Our live training session will teach you how to comply with data security laws and reduce the risk of a data breach with an ISO 27001-compliant ISMS.
Register for both the ISO27001 Foundation and Lead Implementer Combination Online courses and save 15%.