from the whole-lot-of-nothing-going-on dept.
An article today on SecurityWeek details what may be the largest DDoS attack ever seen. The target? Brian Krebs' web site of course.
Investigative cybercrime journalist Brian Krebs reported on Tuesday that his website, KrebsOnSecurity.com, was hit by a massive distributed denial-of-service (DDoS) attack that could be the largest in history. According to Krebs, his site was targeted with various types of DDoS attacks, including SYN and HTTP floods. The attack peaked at 665 Gbps and 143 Mpps (million packets per second), but it was successfully mitigated by Akamai, the company that provides DDoS protection services for KrebsOnSecurity.
Akamai told Krebs that this attack was nearly twice the size of the largest attack they had previously encountered. It's worth noting that Arbor Networks reported in January that some of its customers had been hit by attacks that peaked at 500, 450 and 425 Gbps.
Quite the feather in the cap of Akamai to be able to mitigate this level of attack.
Related Stories
Akamai kicked journalist Brian Krebs' site off its servers after he was hit by a 'record' cyberattack is how Business Insider describes the ongoing DDoS (Distributed Denial of Service Attack) against Brian Krebs (currently offline; google cache). This is notable as Akamai was able to mitigate the effect of the record scale attack but has decided to end their service relationship with Krebs. Victory has currently been handed to the attackers: if the goal is to get Krebs' website off the Internet it has succeeded regardless of the mechanism. Despite being deleted off the Internet Krebs does not fault Akamai.
The really Interesting question is how long will it take for Krebs to return to operational status? Is there anyone else that will be willing to donate their mitigation services so Krebs can go back online? Is there any possible way he could afford to pay normal prices for mitigation services that could handle 600 gigabits per second of flooding? Exactly who do you have to piss off, how sophisticated do they need to be, and how long can they afford the risk involved with carrying out the attack? Free Speech for the Internet is going to be defined by how this plays out.
takyon: These cybercriminals are just going to get Krebs more attention and appearances in the mass media. Krebs expects his site to be back up later today. Also, it is important to note that Akamai/Prolexic provided Krebs free service.
Previously: Brian Krebs DDoSed After Exposing vDos Operators; Israeli Authorities Hit Back With Arrests
Brian Krebs' Blog Hit by 665 Gbps DDoS Attack
(Score: 1, Funny) by Anonymous Coward on Thursday September 22 2016, @03:03PM
Never before seen in at least the last ten thousand years of human recorded records.
(Score: 1, Funny) by Anonymous Coward on Thursday September 22 2016, @03:12PM
The previous one was much larger but it deleted all the records.
(Score: 5, Funny) by DeathMonkey on Thursday September 22 2016, @06:05PM
Lisa: I think a hurricane is coming!
Homer: Oh Lisa! There's no record of a hurricane ever hitting Springfield.
Lisa: Yes, but the records only go back to 1978 when the Hall of Records was mysteriously blown away.
(Score: 0) by Anonymous Coward on Friday September 23 2016, @07:17AM
Looks like he's reset his DNS to local host now. 127.0.0.1 must be "getting a lot of hits".
Btw does Krebs have anything to do with the site "shadowserver.org" or that foundation?
That site seems to be roaming the net trying to change router firmware these days.
Think I saw Krebs' name associated with that url? Does any one know?
184.105.139.78 scan-13k.shadowserver.org
(Score: 4, Funny) by Anonymous Coward on Thursday September 22 2016, @03:04PM
On Tuesday? Maybe there was a sudden surge of reader interest.
(Score: 1, Funny) by Anonymous Coward on Thursday September 22 2016, @03:19PM
Sorry about that, I just misconfigured a router.
NSA IT Contractor
(Score: 0) by Anonymous Coward on Thursday September 22 2016, @04:57PM
I knew nothing, heard nothing...
Chris Christie
(Score: 3, Funny) by bob_super on Thursday September 22 2016, @05:34PM
You're supposed to hold the giant ACME packet magnet the other way...
(Score: 1, Interesting) by Anonymous Coward on Thursday September 22 2016, @03:27PM
Of course, Brian Krebs' website...and not hundreds of others that would have been much more obvious targets.
(Score: 0) by Anonymous Coward on Thursday September 22 2016, @03:28PM
> Quite the feather in the cap of Akamai to be able to mitigate this level of attack.
I can get to the front page of his blog, but when I click on the link for the full blog entry on this topic it fails to load. Just hangs.
So Akamai is kapakahi. [urbandictionary.com]
(Score: 0) by Anonymous Coward on Thursday September 22 2016, @04:03PM
Oh, let's go to the blog and see what it's about!
No, wait ..
(Score: 2, Informative) by fubari on Thursday September 22 2016, @04:47PM
Krebs wrote up some detail, an interesting read (when it works :-) was fine 2 min ago, now... not so much).
http://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/ [krebsonsecurity.com]
Anyway, I ound that link in TFA, should (imo) be the fine article.
(Score: 2) by Fnord666 on Thursday September 22 2016, @05:15PM
(Score: 1) by fubari on Thursday September 22 2016, @07:14PM
fair point, it has been hit or miss
(Score: 2, Funny) by Techwolf on Thursday September 22 2016, @05:55PM
Who is Brian Krebs and what did he do to piss off the gov?
(Score: 3, Interesting) by HiThere on Thursday September 22 2016, @07:25PM
And which governments...
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 0) by Anonymous Coward on Friday September 23 2016, @12:50AM
He pisses off script kiddies and Russian cybercriminals, not governments.
(Score: 0) by Anonymous Coward on Friday September 23 2016, @08:17AM
https://twitter.com/briankrebs/status/779047286043185152 [twitter.com]
Looks like cloudflare is gonna stepping in, though.
(Score: 0) by Anonymous Coward on Friday September 23 2016, @11:43AM
Hopefully Krebs won't ever find a target, that is too big for him. DDOS is fine, survivable. But if he goes after the wrong people, he might risk more then his website's availability.
I often wonder, whether he's still alive cos he didn't find anything big enough, or cos the damage he does is not enough to warrant closer attention? Or maybe cos he lives in a really nice place, and its hard to get close to him? hmm.
Or maybe they're DDOS'ing him cos its the only thing they can do? In any case, Krebs is playing with fire. That's what makes him cool!