For the longest time, people have associated Cyber threats with just technology. While this is true to a certain degree, the world of Cyber terrorism has now crossed into international borders. The primary reason for this is that Cyber attackers are just not home grown – rather, they come from different countries, different nationalities, different walks of life, different cultures, etc. In fact, many attacks that occur here on US soil have their origins in Asia, Russia, North Korea, the Middle East, Africa, etc. (not trying to pick on geographic places per se).
In fact, when a Cyber attack does occur, it just does not affect US citizens, it affects people worldwide. Again, the main reason for this is that business crosses into international borders as well. For instance, an online merchant (such as that of Amazon) has customers from literally every corner of the earth.
So when an attack occurs on their servers which could be located here on US soil, it affects everybody all over.
Realizing that Cyber attacks crosses into the political realm, and in terms of a technological standpoint, servers, Google has come out with a new plan called “Project Shield” to protect the servers that news sites run on and the freedom of expression to defend the democratic process.
At the present time, Google is accepting and reviewing applications from various journalists, news organizations, and even some political organizations as well. Obviously, not everybody is going to fit the bill to get qualified, thus the comprehensive review process.
In order to protect these specific entities, Google will be (or has been using already – not for sure yet what the exact status is) using a technology called a reverse proxy that allows the various websites to route both legitimate and attack traffic through Google’s infrastructure to ultimately filter out harmful traffic by catching it through a process called “caching”.
While all this is great in theory, the users that subscribe to this service should be aware that Google will collect and store user configuration settings and logs for all traffic that is proxied through Project Shield. But, Google has reaffirmed that it only uses the site reader’s IP address and other information to evaluate whether the traffic is an attack and only retains aggregated metrics and details about specific attacks that actually transpire.
But, if an end user wishes to delete their participation in the “Project Shield” program, they are free to so at anytime they want to, and all of their relevant will also be deleted. If an end user has been accepted into the program, they will also need to open up a Google account, which of course is very easy to do as well, and is free to those who do not have this kind of account.
But, it should be noted that “Project Shield” is only used right now to protect against large scale DDoS style of attacks: “Google’s Project Shield should provide good protection . . . What we tend to find is that shared cloud services are excellent for scrubbing the larger, prolonged DDoS attacks.” (SOURCE: https://www.scmagazine.com/google-offers-free-ddos-protection-services-in-the-name-of-free-democracy/article/766778/).
But, at the present time, it is not yet designed to protect against the smaller types of DDoS style attacks that occur, especially for the smaller sized organizations. At the present time, Google has no plans to address this issue, at least from what I can see. Also, what is not clear is to the level of degree of protection that an organization that participates.
For example, if it is just a simple blog site (something like mine) then they may not receive as much protection. But, if it is a much larger organization with an actual revenue model, then obviously, much more protection will be needed not to just protect the servers themselves, but the private and confidential information of the customers as well.
For example, “News organizations with a revenue generating subscriber base and/or advertisers who are paying to access a targeted audience will need more comprehensive real-time DDoS protection to be able to stay online during a cyber-attack.” (SOURCE: https://www.scmagazine.com/google-offers-free-ddos-protection-services-in-the-name-of-free-democracy/article/766778/).
My thoughts? Well, I think it is great what Google is trying to accomplish. I wish some of the other big tech titans would come out and do this as well, such as Microsoft, Cisco, Oracle, etc. But, also in my view, if one type of organization can receive this kind of protection, then all organizations should be able to as well. For that matter, even all Google users on theory, should receive this same kind of protection as well.
But then of course, the IT infrastructure at Google is of course, limited. Resources are obviously finite, and can only be stretched so far. But maybe, perhaps, a tiered model really may just be the thing in the end: You literally get what you pay for. Free means free, and if you are the at the highest tier of paying subscription, then you will receive the highest level of service possible.
Will this model work in the end? Only time of course, will tell.