Security researcher Brian Krebs has been responsible for exposing some of the biggest hacks in recent history, the price of which is that his blog, Krebs on Security, has faced numerous DDoS attacks from angry hackers over the years. But the latest assault was so large that the site was offline for a week, and it took a helping hand from Google to get it back up.
The distributed denial-of-service attacks started two weeks after Krebs revealed that Israeli teenagers Yarden Bidani and Itay Huri were the alleged owners of vDOS, a “booter” service that people can use to carry out DDoS attacks against websites.
vDOS was said to be responsible for "a majority" of the DDoS attacks that had been clogging up the internet over the past few years, earning the pair $618,000 in the process.
Following the report, Krebs on Security was targeted by one of the largest DDos attacks on record. The site was hit with 620 gigabits per second of junk data – almost twice the size of anything it previously had to fend off.
While the attack didn’t bring down the site, Krebs’ hosting provider, Akamai Technologies, was forced to order Krebs on Security off the network. Along with DDoS protection firm Prolexic, it had been offering Krebs pro bono protection from attacks for years, but the size of this DDoS meant it couldn’t keep on doing so without the financial impact affecting other customers.
"I can't really fault Akamai for their decision," Krebs said. "I likely cost them a ton of money today."
The good news is that Krebs on Security is now back online, thanks to Google’s free Project Shield program. The company provides the DDoS attack mitigation service to verified journalists and non-profit organizations.
"A number of other providers offered to help, but it was clear that they did not have the muscle to be able to withstand such massive attacks," Krebs added.