KrebsOnSecurity is arguably the world’s most intrepid source of security news. Its founder Brian Krebs is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals, whose interest grew after a computer worm locked him out of his own computer in 2001.
KrebsOnSecurity was silenced and hit with record DDoS in mid-September 2016. It has not re-opened its website again, with its DDoS protection provider switching from Akamai to Google’s Project Shield.
According to Krebs, it was Akamai that chose to unmoor his site from its protective harbour. “Akamai rather abruptly informed me I had until 6 p.m. that very same day — roughly two hours later — to make arrangements for migrating off their network. My main concern at the time was making sure my hosting provider wasn’t going to bear the brunt of the attack when the shields fell. To ensure that absolutely would not happen, I asked Akamai to redirect my site to 127.0.0.1 — effectively relegating all traffic destined for KrebsOnSecurity.com into a giant black hole.” wrote Kerbs on the website, explaining what happened.
He continued to warn that DDoS attaches is “a form of censorship”, as “economics of mitigating large-scale DDoS attacks do not bode well for protecting the individual user, to say nothing of independent journalists.”
Before Google’s Project Shield came on board, Krebs looked into mitigation services currently available, but to no avail. “In the hours and days following my site going offline, I spoke with multiple DDoS mitigation firms. One offered to host KrebsOnSecurity for two weeks at no charge, but after that they said the same kind of protection I had under Akamai would cost between $150,000 and $200,000 per year,” Kerbs said, quoted by International Business Times.
The DDos attach began Around 8 PM ET on September 20, 2016. “Initial reports put it at approximately 665 Gigabits of traffic per second. Additional analysis on the attack traffic suggests the assault was closer to 620 Gbps in size, but in any case this is many orders of magnitude more traffic than is typically needed to knock most sites offline.” wrote Krebs on his website.
Martin McKeay, Akamai’s senior security advocate, said the largest attack the company had seen previously clocked in earlier this year at 363 Gbps. But he said there was a major difference between last night’s DDoS and the previous record holder: The 363 Gpbs attack is thought to have been generated by a botnet of compromised systems using well-known techniques allowing them to “amplify” a relatively small attack into a much larger one.