Nieman Foundation at Harvard
HOME
          
LATEST STORY
PressPad, an attempt to bring some class diversity to posh British journalism, is shutting down
ABOUT                    SUBSCRIBE
Oct. 2, 2017, 1:11 p.m.
Reporting & Production
LINK: www.eff.org  ➚   |   Posted by: Ricardo Bilton   |   October 2, 2017

Denial of service (DoS) and distributed denial of service (DDoS) attacks have become an unfortunate and unavoidable reality of the web today. The tactics have been implemented by both governments and activists looking to both suppress stories they disagree with. While attacks are increasingly commonplace, understanding of how to defend against them still lags behind.

Recognizing this, the Electronic Frontier Foundation has relaunched its guide on how organizations can defend themselves against the attacks. The guide offers guides on how news organizations (and others) can build threat models, how they can back up and mirror their sites, and which companies offer the services they might need. The EFF guide is particularly targeted at small organizations, which often lack the human and financial resources needed to protect their sites from external hacks.

Here are a few of the guide’s findings and suggestions:

— There’s no single solution to protecting against DoS attacks. The EFF guide suggests that all sites worried about security create their own threat-evaluation models, which will help give them a better idea of where attacks might come from, what they could look like, and how these questions can lead to the most cost-effective defense.

— Different web hosting options come with their own advantages and disadvantages. Hosted services like WordPress.com, for example, take on the responsibilities of securing the sites they host, but also limit the kinds of themes and plugins users can install, as well as in some cases the type of content they can publish. Hosted servers, in contrast, offer more tech and publishing, but require professional technologists to maintain security.

— Cloudflare’s Project Galileo, Deflect, Qurium/VirtualRoad.org all offer DDoS protection services for free to eligible organizations and individuals. Sites like Electionland, The Veterans Brotherhood, and the Internet Archive, among hundreds of others, have taken advantage of Project Galileo, for example.

— Organizations should also consider backing up and mirroring their sites. No anti-DDoS service will be completely effective, making backups essential. The EFF guide also suggests that sites create static mirrors of their sites that users can access in the event that the main sites get taken down.

You can find the full guide here.

Show tags
 
Join the 60,000 who get the freshest future-of-journalism news in our daily email.
PressPad, an attempt to bring some class diversity to posh British journalism, is shutting down
“While there is even more need for this intervention than when we began the project, the initiative needs more resources than the current team can provide.”
Is the Texas Tribune an example or an exception? A conversation with Evan Smith about earned income
“I think risk aversion is the thing that’s killing our business right now.”
The California Journalism Preservation Act would do more harm than good. Here’s how the state might better help news
“If there are resources to be put to work, we must ask where those resources should come from, who should receive them, and on what basis they should be distributed.”