Security researcher Brian Krebs's blog KrebsOnSecurity is back online after withstanding a historically massive DDoS attack, thanks to Google's Project Shield. The site's previous security provider, Akamai, which helped combat the two-week-long 620Gbps DDoS attack, was eventually forced to pull support after the attack, which is considered to have delivered the world's largest volume of junk data.
The cyberattack is believed to have been retaliation from the alleged owners of a DDoS attack service site called vDOS, which Krebs had recently exposed. Although the site was briefly taken offline, the attack was deemed unsuccessful as the hackers were likely unable to access the site. This was largely due to the combined efforts of Akamai and another DDoS protection outfit, Prolexic. However, the sheer volume of the attack eventually forced Akamai, which had for years provided the site with mitigation services on a pro bono basis, to withdraw support.
Krebs wrote in his blog that he "did not fault" Akamai for its decision, adding: "Once it became evident that the assault was beginning to cause problems for the company's paying customers, they explained that the choice to let my site go was a business decision, pure and simple."
Akamai executives said in an interview with The Boston Globe: "This is the worst denial-of-service attack we've ever seen." They added that if sustained, the attacks could have cost the firm "millions" of dollars.
Attackers likely leveraged IoT botnet
According to Krebs, the hackers likely leveraged an IoT (Internet of Things) botnet when mounting the attack. He said: "There is every indication that this attack was launched with the help of a botnet that has enslaved a large number of hacked so-called Internet of Things devices — mainly routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and protected with weak or hard-coded passwords."
Cyberattacks wielded as weapons of mass censorship
Krebs likened the attack mounted against him to an elaborate act of censorship. He wrote: "Why do I speak of DDoS attacks as a form of censorship? Quite simply because the economics of mitigating large-scale DDoS attacks do not bode well for protecting the individual user, to say nothing of independent journalists.
"Today, I am happy to report that the site is back up — this time under Project Shield, a free program run by Google to help protect journalists from online censorship. And make no mistake, DDoS attacks — particularly those the size of the assault that hit my site this week — are uniquely effective weapons for stomping on free speech, for reasons I'll explore in this post."
Before finding refuge under Google, however, Krebs, faced with the unprecedented security debacle, looked into the mitigation services currently available, but to no avail. "In the hours and days following my site going offline, I spoke with multiple DDoS mitigation firms. One offered to host KrebsOnSecurity for two weeks at no charge, but after that they said the same kind of protection I had under Akamai would cost between $150,000 and $200,000 per year," he said.
"Ask yourself how many independent journalists could possibly afford that kind of protection money? A number of other providers offered to help, but it was clear that they did not have the muscle to be able to withstand such massive attacks."
How scary is the future?
With the alarming rise in cyberattacks, and DDoS attacks in particular, the future of website security appears uncertain. The scores of insecure IoT devices available provide an arsenal for hackers, who are now increasingly using vulnerable devices to launch massive DDoS attacks on businesses and governments.
Krebs believes that, as in his case, these IoT botnets could also be used in the future to censor free speech. "I don't know what it will take to wake the larger Internet community out of its slumber to address this growing threat to free speech and ecommerce," he said.
"My guess is it will take an attack that endangers human lives, shuts down critical national infrastructure systems, or disrupts national elections.
"The sad truth these days is that it's a lot easier to censor the digital media on the Internet than it is to censor printed books and newspapers in the physical world. On the internet, anyone with an axe to grind and the willingness to learn a bit about the technology can become an instant, self-appointed global censor. I sincerely hope we can address this problem before it's too late."