Nieman Foundation at Harvard
HOME
          
LATEST STORY
The future of local news is “civic information,” not “declining legacy systems,” says new report
ABOUT                    SUBSCRIBE
Oct. 2, 2017, 1:11 p.m.
Reporting & Production
LINK: www.eff.org  ➚   |   Posted by: Ricardo Bilton   |   October 2, 2017

Denial of service (DoS) and distributed denial of service (DDoS) attacks have become an unfortunate and unavoidable reality of the web today. The tactics have been implemented by both governments and activists looking to both suppress stories they disagree with. While attacks are increasingly commonplace, understanding of how to defend against them still lags behind.

Recognizing this, the Electronic Frontier Foundation has relaunched its guide on how organizations can defend themselves against the attacks. The guide offers guides on how news organizations (and others) can build threat models, how they can back up and mirror their sites, and which companies offer the services they might need. The EFF guide is particularly targeted at small organizations, which often lack the human and financial resources needed to protect their sites from external hacks.

Here are a few of the guide’s findings and suggestions:

— There’s no single solution to protecting against DoS attacks. The EFF guide suggests that all sites worried about security create their own threat-evaluation models, which will help give them a better idea of where attacks might come from, what they could look like, and how these questions can lead to the most cost-effective defense.

— Different web hosting options come with their own advantages and disadvantages. Hosted services like WordPress.com, for example, take on the responsibilities of securing the sites they host, but also limit the kinds of themes and plugins users can install, as well as in some cases the type of content they can publish. Hosted servers, in contrast, offer more tech and publishing, but require professional technologists to maintain security.

— Cloudflare’s Project Galileo, Deflect, Qurium/VirtualRoad.org all offer DDoS protection services for free to eligible organizations and individuals. Sites like Electionland, The Veterans Brotherhood, and the Internet Archive, among hundreds of others, have taken advantage of Project Galileo, for example.

— Organizations should also consider backing up and mirroring their sites. No anti-DDoS service will be completely effective, making backups essential. The EFF guide also suggests that sites create static mirrors of their sites that users can access in the event that the main sites get taken down.

You can find the full guide here.

Show tags
 
Join the 60,000 who get the freshest future-of-journalism news in our daily email.
The future of local news is “civic information,” not “declining legacy systems,” says new report
“In this vision, the community librarian facilitating conversations around authoritative, trusted digital news is as celebrated as the dogged reporter pursuing a scoop.”
Is text-generating AI an industry killer or just another wave of hype?
“There can potentially be massive shifts, benefits, and risks in many industries, but I cannot see a scenario where this is a ‘sky is falling’ kind of issue.”
Meet the first-ever accessibility engineer at The Washington Post
“It is definitely stressful to be the first in this new role. I feel deep down like I need to justify its creation with every step that I take.”