Krebs on Security booted off Akamai network after DDoS attack proves pricey

There's no rancor or bitterness, however, since Akamai hosted the security expert's blog pro bono.

Security blog Krebs on Security has been taken offline by host Akamai Technologies following a DDoS attack which reached 665 Gbps in size.

screen-shot-2016-09-23-at-12-20-10.jpg
Brian Krebs | Twitter

This week, prominent security expert Brian Krebs' blog became the focus of a concentrated distributed denial-of-service (DDoS) attack.

The attack, 665 Gbps in size, was detected by Akamai and DDoS protection outfit Prolexic, owned by Akamai, as "almost twice the size" of attacks they have had to fend off in the past, according to Krebs.

On Twitter, the security expert said in a series of tweets that despite the unknown attackers "throwing it all" at Krebs on Security, including SYN Floods, GET Floods, ACK Floods, POST Floods, and GRE Protocol Floods, the attack, one of -- if not -- the largest DDoS ever recorded, failed.

screen-shot-2016-09-23-at-12-36-46.jpg
Twitter

In a blog post, published while the website was still active, Krebs said the attack began at around 8pm ET on September 20. The attack initially appeared to clock in at around 665 Gbps, although it may be closer to 620 Gbps -- still far beyond the last record holder for the largest attack detected by Akamai at 363 Gbps, according to Martin McKeay, an Akamai senior security researcher.

DDoS attacks are a common way to disrupt online services. Requiring little or no technical knowledge, these attacks most often use botnets and networks of hacked devices which act as 'slaves.' The operator then commands these devices to flood a domain with traffic, which in turn can prevent legitimate access from getting through, disrupt servers, and financially hurt the target.

Krebs called the attack "unusual" as the DDoS appears to have originated from a massive botnet of compromised devices, leveraged to create vast amounts of traffic through "garbage Web attack methods" rather than amplification or reflection techniques, which are most commonly used in DDoS campaigns.

While the attack was a failure -- and the attackers then decided to irritate Krebs further by flooding his Skype with requests and email inbox with subscriptions -- the relief was short-lived.

Akamai was able to rebuff the attack and keep the security blog online, but someone has to pay for the disruption and damage such attacks cause.

Unfortunately, Akamai was the company that needed to front the bill. The cloud services provider, having hosted Krebs on Security for free, informed the security expert that the blog had to be taken off the network.

"I can't really fault Akamai for their decision," Krebs said. "I likely cost them a ton of money today."

screen-shot-2016-09-23-at-12-58-06.jpg
Twitter

See also: 'Biggest ever' web attack on BBC actually wasn't even close

There is no word on whether another cloud provider will be willing to take on the prominent security blog at the risk of new DDoS attacks, but we can only hope.

Despite everything, Krebs still has retained his sense of humor, writing: "There's no place like 127.0.0.1."

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All