Security commentator Brian Krebs hit with the biggest DDoS attack ever
Attacks on websites are a daily occurrence so to get any real attention an attack needs to be something special. Starting on Tuesday, Brian Krebs' security blog, KrebsOnSecurity.com, was hit with what is being described as "the largest DDoS the internet has ever seen".
Despite being clobbered with a colossal 665 Gbps of traffic, Krebs' site remained online thanks to the anti-DDoS efforts of security firm Akamai. It is thought that Krebs was targeted for his exposés of hackers, and the attack was delivered via a huge number of hacked IoT devices.
Akamai said that the attack was carried out by a botnet of hacked devices. While the number of devices involved is not known for sure, it is believed that hundreds of thousands of compromised IoT routers, IP cameras and DVRs were used.
Martin McKeay from Akamai said:
Someone has a botnet with capabilities we haven't seen before. We looked at the traffic coming from the attacking systems, and they weren't just from one region of the world or from a small subset of networks -- they were everywhere.
Holy moly. Prolexic reports my site was just hit with the largest DDOS the internet has ever seen. 665 Gbps. Site's still up. #FAIL
— briankrebs (@briankrebs) September 21, 2016
Initial analysis of the attack suggests that it could have been carried out by the people behind the vDOS attack tool which Krebs wrote about earlier in the month.