Brian Krebs site dumped by Akamai due to massive DDoS attack

In what can only be viewed as a victory for the attackers, content delivery provider Akamai has dropped Brian Krebs’ web site in the midst of a record-breaking DDoS attack against the site.

Krebs and his site have been the target of DDoS, SWATting, and other attacks in the past, in response to his reporting on various illegal activities – and the people behind them. But this most recent attack, which began on Tuesday, is the largest in history.

Akamai provides services that limit the effectiveness of DDoS attacks. According to Krebs, Akamai was providing their services for at no charge. He doesn’t fault Akamai for dropping his site, but their doing so raises some interesting possibilities.

The most likely explanation is that Akamai could no longer justify providing their services to Krebs for free; dealing with such a large attack would have involved a lot of time and effort. Akamai may have offered to keep supporting, but at their normal price. Those prices are typically only paid by large corporate clients, and Krebs probably just can’t afford them.

As a result of all this, is offline, and likely to stay that way until the attackers lose interest. Once the attacks subside, I’m sure the site will return.

Although Krebs doesn’t blame Akamai for dropping him, it’s hard to see how Akamai can come out of this without their reputation being harmed. There will always be questions about exactly what happened. Was Akamai actually overwhelmed? I’m sure Akamai’s competitors will be looking at picking Krebs up as a client.

And finally, this is a clear win for the attackers. They now know that they can take down even high profile web sites, although perhaps not those owned by companies with very deep pockets.

Ars Technica has more, including speculation that the attacks involved hacked ‘Internet of Things’ devices.

Updates 2016Sep25: is back up, thanks to Project Shield, a free program run by Google to help protect journalists from online censorship. It will be interesting to see how well this service protects Krebs’ web site from inevitable, future attacks. And how will Akamai spin this?

Meanwhile, Krebs also thinks that poorly-secured ‘Internet of Things’ devices made the record-breaking size of this attack possible. And despite the site only being down for a few days, he feels that this kind of attack is a new form of censorship, referring to the effect as ‘The Democratization of Censorship‘.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.