U.S. political organizations are now being offered a free tool to defend against distributed denial of service attacks courtesy of Jigsaw, a subsidiary of Google parent company Alphabet, ahead of the 2018 midterm elections.
The offer comes after a local election in Knox County, Tennessee, was recently forced to delay the release of voting results after their website was hit by a DDoS attack.
Dubbed “Project Shield,” Jigsaw’s defensive software is designed to flag, filter and contain loads of malicious traffic. The tool is built off of Google’s own server architecture and scanning capabilities, making it capable of quickly identifying and blocking IP addresses that are recognized as being part of botnets.
The integrated web software was previously available for free to journalists and human rights organizations, among others, but Wednesday’s inclusion of U.S. political organizations opens the door to a massive new user base that is set to include political action committees, campaigns and political consultancies. The plan is to expand it to international political groups in the future.
“Jigsaw has spoken with many organizations in the elections space. We really want every sized campaign and organization, from the local level to the national level, to be protected,” said George Conard, Project Shield’s product manager. “We have not been in contact with any Knox County election officials following the reports they were hit with a DDoS attack. [But] the reported attacks demonstrate the threat and the need for organizations involved in elections – from elections boards to political campaigns to news publishers – to protect themselves from digital attacks.”
In a separate interview with Forbes, Conrad said that Jigsaw would offer the service to campaigns regardless of their political affiliation so long as they adhered to the company’s content and conduct policy, which bans the promotion of “hate speech.”
“We saw an increase in the size, frequency and complexity of attacks used to censor voices and information that we believe should be protected and accessible, and we saw that we could build a service to help protect those who might not be able to protect themselves,” said Conrad. “For these organizations, we don’t believe that defending free expression should depend on your financial resources – which is why the service is free.”
Investigators said that compromised computer systems located abroad were used to send floods of malicious, artificial internet traffic to the Knox County election website in order to force it offline, CyberScoop previously reported. Amid the chaos caused by the DDoS, the hackers also sought to breach a county web server through a known vulnerability, but they reportedly failed. It’s unclear whether the unidentified hackers wanted to manipulate voting results or simply cause confusion.
The FBI was not called in to respond. A private firm handled the response effort.
The Knox County incident, although rudimentary in nature, has served as a reminder of the looming cyber threats facing contemporary elections, experts say.
Senior U.S. intelligence officials have consistently predicted that the 2018 midterms will face meddling attempts by foreign governments, similar to what happened in the 2016 presidential election at the hands of Russian-linked groups.
Jigsaw declined to provide the internal budget allocated to the project.