Is Akamai's DDoS protection tiered? That's not how it works for e.g. CloudFlare: you pay a flat fee and (they claim) they'll keep you up no matter the size or frequency of the attack. If Krebs simply wasn't signed up for a high enough tier than I guess Akamai did the right thing, but if they charge a flat fee for protection and make similar claims to CF then they deserve to be raked over the coals for this.
Ok, I did not see Krebs' latest tweet that he was getting free service (https://twitter.com/briankrebs/status/779111614226239488), that's a lot more justifiable. You'd think a netsec journalist would be the first to find it worth it to get on the paid plan.
Krebs' reporting (now, after leaving the Washington Post under whatever circumstances -- cost cutting? -- on his own "blog"), has for years now shone a very useful, researched insight into various matters of important technological vulnerability.
He provides a real service. Which is probably why Akamai offered him their services for free, in the first place.
Krebs shines a light on shadows that very much don't want to be seen, much less outed. The years long level of escalating attacks against him and his site reflect this.
Fun fact: the suspicion right now is that this traffic is coming from compromised IoT devices. Just in case you needed another reason why the Internet of Things is the worst thing to happen to computing in a long while: it has handed attackers more ammo.
I happen to have a profile on LinkedIn. When I see someone with a "IoT Expert", I'm like "Dude, we live in Algeria. We didn't even make online payments and somehow there are more Internet of Things experts than Things of the Internet. Come on!".
It's a good selector for the kind of people who'd write "Mastery of C/C++" thinking they're the same thing.
They are from the same category as people who put 5 start of five on their resume. What does it mean? 5/5 for MS Office? Clicking, double clicking, getting, sending emails?
However I wound't blame IoT for all of it. What about uncountable number of vulnerable routers at home and small offices? As far as I know they may send legitimate (from ISP PoV) low traffic all day to some endpoints on internet.
Personally, I think IoT is just a buzzword coming from I don't know where. IoT has existed the moment two things were connected over a network, and this was decades ago.
>What about uncountable number of vulnerable routers at home and small offices?
"Hypothetical" cases: devices of sensitive organizations just sitting there with default configuration. FTP servers of TV stations with a genius admin making a tutorial for staff with the goddamn credentials on the "intranet page" (you have the privileges of writing the news of tomorrow, literally). Teleconference system of major company that are broadcasting what's happening in the meeting room because why not. Readable and writable remote sensing devices that are broadcasting information that matters a great deal and you could just toy with it.
All this without even brute-force or exploiting a vulnerability. Basically within the reach of any monkey who could type admin-admin.
The fact that this is pure, raw packets and not using a DNS amplification method sounds to me like the attackers are advertising. "Hey, look at my capabilities. Look what I can do. Hire me for your next DDoS attacks." If these guys don't get caught or taken down, they could easily become the biggest players in the market. Twice the size of the last biggest DDoS, with no trickery. That's insane.
17 comments
[ 3.1 ms ] story [ 39.5 ms ] thread> I'd blame the insurance company if they dropped me the second I was diagnosed with cancer
What kind of an insurance company would target likely victims anyway?
If it wasn't clear, Krebs wasn't paying Akamai a penny. I'd assume their cheapest solutions start around 10k a month, hard to justify for a journo.
How much do you think a solo netsec journalist with only a couple of ads on his site earns?
He provides a real service. Which is probably why Akamai offered him their services for free, in the first place.
Krebs shines a light on shadows that very much don't want to be seen, much less outed. The years long level of escalating attacks against him and his site reflect this.
Still understandable that Akamai dropped that after while, despite the PR damage, especially if it affected their work for paying customers.
https://twitter.com/briankrebs/status/779111614226239488
It's a good selector for the kind of people who'd write "Mastery of C/C++" thinking they're the same thing.
However I wound't blame IoT for all of it. What about uncountable number of vulnerable routers at home and small offices? As far as I know they may send legitimate (from ISP PoV) low traffic all day to some endpoints on internet.
Personally, I think IoT is just a buzzword coming from I don't know where. IoT has existed the moment two things were connected over a network, and this was decades ago.
>What about uncountable number of vulnerable routers at home and small offices?
"Hypothetical" cases: devices of sensitive organizations just sitting there with default configuration. FTP servers of TV stations with a genius admin making a tutorial for staff with the goddamn credentials on the "intranet page" (you have the privileges of writing the news of tomorrow, literally). Teleconference system of major company that are broadcasting what's happening in the meeting room because why not. Readable and writable remote sensing devices that are broadcasting information that matters a great deal and you could just toy with it.
All this without even brute-force or exploiting a vulnerability. Basically within the reach of any monkey who could type admin-admin.
http://webcache.googleusercontent.com/search?q=cache:http://...