Google Project Shield Protects News Sites From DDoS Attacks


Google Project Shield provides DDoS protection for verified journalists, journal publications, and non-profit organizations. Best of all, the service is pro-bono.

Security journalist Brian Krebs of Krebs on Security is one notable customer when this past week, Krebs’ website was shut down by a 620 Gbps DDoS attack, and Project Shield took over as the DDoS mitigation provider right after Akamai dropped their services.

For most independent journalists, top-tier DDoS protection can become expensive with services costing upwards of hundreds of thousands year to absorb large-scale attacks. Akamai claimed that continuing services with Krebs could cost upwards of a million per year, and this was Google’s opportunity to capitalize on the DDoS mitigation market and prove that not only they can absorb attacks of this scale, but they can provide the service for free.

Krebs attributed DDoS attacks as being utilized as a form of censorship. Since he identified the perpetrators behind vDOS, the massive DDoS attack that shut off his website immediately after might have been retribution for his reporting. He believes that attackers sending huge swathes of false traffic can knock a site offline and hamper the spread of information.

“But what we’re allowing by our inaction is for individual actors to build the instrumentality of tyranny,” Krebs said. “And to be clear, these weapons can be wielded by anyone — with any motivation — who’s willing to expend a modicum of time and effort to learn the most basic principles of its operation.”

As part of Jigsaw (formerly Google Ideas), a technology incubator dedicated to applying technological solutions for global issues, Project Shield launched as a pilot project back in 2013 and was solely for small-scale independent news sites covering human rights, election monitoring and political news. As of February 2016, they are open to more independent news organizations upon approval and dedicating their network resources to preventing DDoS attacks. While big news sites are welcome to join, Google is continuing to focus their efforts on smaller sites that does not necessarily have the infrastructure needed to fight off such an attack.

Any site that signs up for Project Shield can make a change to their domain name configuration that redirects visitors to a Google server. That server acts by channeling through their so-called “reverse proxy”—an intermediate server owned by Google designed to filter out malicious traffic and absorb traffic after having cached the content on its’ servers.

In order to use Project Shield, the customer has to give Google complete visibility into their site visitors. With that, all requests and responses on the reverse proxy are recorded by Google. However, Google promises that the data logs will only be kept for two weeks, after which the data will be used in aggregate to learn more about the attacks. Google also notes that all collected data will not be used for advertisement-related purposes.

Other features of Project Shield include real-time site analytics, SSL and bare domain support, and the ability to easily add new sites and admins. All news organizations that wish to use Project Shield can apply, and are accepted on a rolling basis.

Scroll to Top