A graphic of how a DDoS attack overloads a network, shutting it down.
A few weeks ago, on September 13th, a record breaking DDoS (distributed denial of service) attack began. The attack was against the site KrebsOnSecurity, a site run by internet activist and independent reporter, Brian Krebs. It was likely in retaliation against a report he published on vDOS, a for hire botnet (a network of devices infected with malware that can control functions of the device), which led to the arrest of two Israeli teen hackers. The site was hit with over 700 Gbps per second, over 100 Gbps more than the largest attack recorded before this.
Krebs’ site was hosted by content delivery company, Akamai. Akamai had successfully defended Krebs’ site from large cyber attacks for years now. But this changed when the record breaking attack began to cause problems with paying customers, whose traffic went through Akamai’s scrubbing centers. As these customers were being affected by the attack on Krebs, Akamai decided to kick him off their system. Krebs was understanding of Akamai’s decision. He stated:
“Let me be clear: I do not fault Akamai for their decision. I was a pro bono customer from the start, and Akamai and its sister company Prolexic have stood by me through countless attacks over the past four years. It just so happened that this last siege was nearly twice the size of the next-largest attack they had ever seen before. Once it became evident that the assault was beginning to cause problems for the company’s paying customers, they explained that the choice to let my site go was a business decision, pure and simple.” See Krebs’ full analysis of the attack here.
Krebs has since moved his site to Google’s project shield, designed specifically to protect journalists and writers from attacks to ensure their freedom of speech is protected. In order to reach the record-breaking numbers it did, the attack used a botnet consisting of over 150,000 devices connected to the Internet of Things, including DVD players and cameras. IoT devices were also used in attacks on the Rio Olympics, which sustained 500 Gbps, and on French internet hosting giant OVH, which hasn’t been confirmed yet but is believed to have hit 1,100 Gbps. As the internet and its influence grows, as does the frequency and scale of cyber attacks and cyber crime. In this new era of internet warfare it is becoming apparent that big data centers can’t protect themselves on their own, and in order to ensure security and freedom of speech we will need to drastically change how we deal with cyber attacks.