If you are plugged into the world of cybersecurity, you have likely heard of researcher and journalist Brian Krebs, as well as his blog KrebsOnSecurity. The website has always been a great source of analytical information regarding various cyber crimes. As an investigative journalist, Brian naturally makes enemies of the individuals he writes about. In the past, Krebs has faced swatting and countless other attacks from adversaries. One of these enemies has again retaliated, engaging in an aggressive DDoS against the KrebsOnSecurity website.
The 620 Gbps DDoS attack began on September 21st, and appears to have come from members of vDos. Krebs recently wrote an in-depth article exposing vDos as a DDoS-for-hire service with the intention of taking them down. Though members of vDos have been arrested, evidence of their involvement was found in one of the DDoS packets. The packet in question contained the phrase “freeapplej4ck," which is a nickname for one of the prominent members in vDos.
The attack itself is originating from numerous IoT devices around the world, engaging in what Krebs calls "garbage Web attack methods" that mimic generic routing encapsulation (GRE) packet distribution. The DDoS has been so overwhelming that Akamai, which provided pro bono DDoS protection to KrebsOnSecurity, has stopped providing its services for the website. In a tweet Krebs stated that "I can't really fault Akamai for their decision. I likely cost them a ton of money today." After being offline for about a week because of the attack, KrebsOnSecurity.com was back online. Perhaps not coincidentally, the attack on Krebs appeared to be a precursor to the similar but far more devastating attack that brought down large segments of the Internet on Oct. 21.
The DDoS attack against KrebsOnSecurity is further proof that cybersecurity specialists are favorite targets of black hat hackers. This goes doubly so for anyone that publishes their findings or, like Brian Krebs, leads an investigation against cyber criminals on a daily basis. Any person, and this goes for me as well, involved in InfoSec (be it reporting or otherwise) should take extra precautions to ensure the best cyber attack protections. This of course does not mean that we are always safe.
Brian Krebs absolutely had the right idea being protected by Akamai, but unfortunately the DDoS attack was the biggest that the company had ever experienced. Every cybersecurity expert, especially those in the public eye, must not allow attacks like this to intimidate us.
We have a job to do, and we are the only ones that can do it.
Photo credit: Freerange Stock