Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday September 22 2016, @02:39PM   Printer-friendly
from the whole-lot-of-nothing-going-on dept.

An article today on SecurityWeek details what may be the largest DDoS attack ever seen. The target? Brian Krebs' web site of course.

Investigative cybercrime journalist Brian Krebs reported on Tuesday that his website, KrebsOnSecurity.com, was hit by a massive distributed denial-of-service (DDoS) attack that could be the largest in history. According to Krebs, his site was targeted with various types of DDoS attacks, including SYN and HTTP floods. The attack peaked at 665 Gbps and 143 Mpps (million packets per second), but it was successfully mitigated by Akamai, the company that provides DDoS protection services for KrebsOnSecurity.

Akamai told Krebs that this attack was nearly twice the size of the largest attack they had previously encountered. It's worth noting that Arbor Networks reported in January that some of its customers had been hit by attacks that peaked at 500, 450 and 425 Gbps.

Quite the feather in the cap of Akamai to be able to mitigate this level of attack.


Original Submission

Related Stories

DDoS Against Brian Krebs Scores a Victory: KrebsOnSecurity is Offline 30 comments

Akamai kicked journalist Brian Krebs' site off its servers after he was hit by a 'record' cyberattack is how Business Insider describes the ongoing DDoS (Distributed Denial of Service Attack) against Brian Krebs (currently offline; google cache). This is notable as Akamai was able to mitigate the effect of the record scale attack but has decided to end their service relationship with Krebs. Victory has currently been handed to the attackers: if the goal is to get Krebs' website off the Internet it has succeeded regardless of the mechanism. Despite being deleted off the Internet Krebs does not fault Akamai.

The really Interesting question is how long will it take for Krebs to return to operational status? Is there anyone else that will be willing to donate their mitigation services so Krebs can go back online? Is there any possible way he could afford to pay normal prices for mitigation services that could handle 600 gigabits per second of flooding? Exactly who do you have to piss off, how sophisticated do they need to be, and how long can they afford the risk involved with carrying out the attack? Free Speech for the Internet is going to be defined by how this plays out.

takyon: These cybercriminals are just going to get Krebs more attention and appearances in the mass media. Krebs expects his site to be back up later today. Also, it is important to note that Akamai/Prolexic provided Krebs free service.

Previously: Brian Krebs DDoSed After Exposing vDos Operators; Israeli Authorities Hit Back With Arrests
Brian Krebs' Blog Hit by 665 Gbps DDoS Attack


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Funny) by Anonymous Coward on Thursday September 22 2016, @03:03PM

    by Anonymous Coward on Thursday September 22 2016, @03:03PM (#405148)

    Never before seen in at least the last ten thousand years of human recorded records.

    • (Score: 1, Funny) by Anonymous Coward on Thursday September 22 2016, @03:12PM

      by Anonymous Coward on Thursday September 22 2016, @03:12PM (#405154)

      The previous one was much larger but it deleted all the records.

      • (Score: 5, Funny) by DeathMonkey on Thursday September 22 2016, @06:05PM

        by DeathMonkey (1380) on Thursday September 22 2016, @06:05PM (#405210) Journal

        Lisa: I think a hurricane is coming!
        Homer: Oh Lisa! There's no record of a hurricane ever hitting Springfield.
        Lisa: Yes, but the records only go back to 1978 when the Hall of Records was mysteriously blown away.

    • (Score: 0) by Anonymous Coward on Friday September 23 2016, @07:17AM

      by Anonymous Coward on Friday September 23 2016, @07:17AM (#405453)

      Looks like he's reset his DNS to local host now. 127.0.0.1 must be "getting a lot of hits".

      Btw does Krebs have anything to do with the site "shadowserver.org" or that foundation?
      That site seems to be roaming the net trying to change router firmware these days.
      Think I saw Krebs' name associated with that url? Does any one know?
      184.105.139.78 scan-13k.shadowserver.org

  • (Score: 4, Funny) by Anonymous Coward on Thursday September 22 2016, @03:04PM

    by Anonymous Coward on Thursday September 22 2016, @03:04PM (#405149)

    On Tuesday? Maybe there was a sudden surge of reader interest.

  • (Score: 1, Funny) by Anonymous Coward on Thursday September 22 2016, @03:19PM

    by Anonymous Coward on Thursday September 22 2016, @03:19PM (#405156)

    Sorry about that, I just misconfigured a router.

    NSA IT Contractor

    • (Score: 0) by Anonymous Coward on Thursday September 22 2016, @04:57PM

      by Anonymous Coward on Thursday September 22 2016, @04:57PM (#405194)

      I knew nothing, heard nothing...

      Chris Christie

    • (Score: 3, Funny) by bob_super on Thursday September 22 2016, @05:34PM

      by bob_super (1357) on Thursday September 22 2016, @05:34PM (#405200)

      You're supposed to hold the giant ACME packet magnet the other way...

  • (Score: 1, Interesting) by Anonymous Coward on Thursday September 22 2016, @03:27PM

    by Anonymous Coward on Thursday September 22 2016, @03:27PM (#405160)

    Of course, Brian Krebs' website...and not hundreds of others that would have been much more obvious targets.

  • (Score: 0) by Anonymous Coward on Thursday September 22 2016, @03:28PM

    by Anonymous Coward on Thursday September 22 2016, @03:28PM (#405161)

    > Quite the feather in the cap of Akamai to be able to mitigate this level of attack.

    I can get to the front page of his blog, but when I click on the link for the full blog entry on this topic it fails to load. Just hangs.
    So Akamai is kapakahi. [urbandictionary.com]

  • (Score: 0) by Anonymous Coward on Thursday September 22 2016, @04:03PM

    by Anonymous Coward on Thursday September 22 2016, @04:03PM (#405168)

    Oh, let's go to the blog and see what it's about!

    No, wait ..

  • (Score: 2, Informative) by fubari on Thursday September 22 2016, @04:47PM

    by fubari (4551) on Thursday September 22 2016, @04:47PM (#405187)

    Krebs wrote up some detail, an interesting read (when it works :-) was fine 2 min ago, now... not so much).
    http://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/ [krebsonsecurity.com]
    Anyway, I ound that link in TFA, should (imo) be the fine article.

    • (Score: 2) by Fnord666 on Thursday September 22 2016, @05:15PM

      by Fnord666 (652) on Thursday September 22 2016, @05:15PM (#405197) Homepage
      I was going to use that link but I was afraid it might be down.
      • (Score: 1) by fubari on Thursday September 22 2016, @07:14PM

        by fubari (4551) on Thursday September 22 2016, @07:14PM (#405235)

        fair point, it has been hit or miss

  • (Score: 2, Funny) by Techwolf on Thursday September 22 2016, @05:55PM

    by Techwolf (87) on Thursday September 22 2016, @05:55PM (#405207)

    Who is Brian Krebs and what did he do to piss off the gov?

    • (Score: 3, Interesting) by HiThere on Thursday September 22 2016, @07:25PM

      by HiThere (866) Subscriber Badge on Thursday September 22 2016, @07:25PM (#405240) Journal

      And which governments...

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
    • (Score: 0) by Anonymous Coward on Friday September 23 2016, @12:50AM

      by Anonymous Coward on Friday September 23 2016, @12:50AM (#405350)

      He pisses off script kiddies and Russian cybercriminals, not governments.

  • (Score: 0) by Anonymous Coward on Friday September 23 2016, @08:17AM

    by Anonymous Coward on Friday September 23 2016, @08:17AM (#405463)

    https://twitter.com/briankrebs/status/779047286043185152 [twitter.com]

    It's looking likely that KrebsOnSecurity will be offline for a while. Akamai's kicking me off their network tonight.

    Looks like cloudflare is gonna stepping in, though.

  • (Score: 0) by Anonymous Coward on Friday September 23 2016, @11:43AM

    by Anonymous Coward on Friday September 23 2016, @11:43AM (#405494)

    Hopefully Krebs won't ever find a target, that is too big for him. DDOS is fine, survivable. But if he goes after the wrong people, he might risk more then his website's availability.

    I often wonder, whether he's still alive cos he didn't find anything big enough, or cos the damage he does is not enough to warrant closer attention? Or maybe cos he lives in a really nice place, and its hard to get close to him? hmm.

    Or maybe they're DDOS'ing him cos its the only thing they can do? In any case, Krebs is playing with fire. That's what makes him cool!