Akamai Technologies Inc. provides computer security services for some of the world’s biggest companies. But this week, the Cambridge company broke ties with prominent Internet security researcher Brian Krebs, after his website became the target of a massive worldwide digital attack.
More than 75 gigabytes of random data were thrown at Krebs’s website every second, for hours at a time, in a deliberate attempt to overwhelm the site and knock it offline.
“This is the worst denial-of-service attack we’ve ever seen,” said Josh Shaul, Akamai’s vice president of Web security, who added that it might be the worst in Internet history.
Akamai had the technology to fend off the attack, but not the resources. It provides security services to Krebs’s website at no charge. And the sheer scale of the assault meant that Akamai could no longer afford to pick up the tab.
“If this kind of thing is sustained, we’re definitely talking millions” of dollars in cyber security services, said Shaul.
A former reporter for the Washington Post, Krebs is one of the most widely followed writers on cyber security in the technology industry.
His website, KrebsOnSecurity.com, is often the first to break news on major threats to computer networks. Krebs has also written a book, Spam Nation, about the Russian cyber criminal underground.
Krebs’s site has repeatedly come under attacks from hackers angered by his scoops. In 2012, Akamai agreed to provide online security services to Krebs at no charge.
“They have protected my site from literally hundreds of attacks, pro bono,” Krebs said. But on Tuesday night came the biggest onslaught yet. Krebs site was hit with a “distributed denial-of-service” or DDOS attack.
In such an assault, criminals who have previously seized control of thousands or millions of computers order the machines to send vast amounts of meaningless data to a particular Internet server. The surge of traffic overwhelms the server and knocks it offline.
Akamai said the scale of the assault on Krebs stunned its engineers — almost twice as much traffic as Akamai had ever seen in a previous attack. The traffic arrived from machines around the world — North America, Europe, and Asia.
The Akamai network filtered out the garbage traffic and KrebsOnSecurity remained online. But the attackers kept on coming, and the expense of fighting them became overwhelming. On Thursday, Akamai pulled the plug.
“We made a business decision to no longer keep this customer on our platform and prioritize our resources on our paying customers,” said Akamai spokesman Jeff Young.
Krebs believes the attack on his website is related to an expose he wrote earlier in September of vDOS, a company that conducts DDOS attacks for hire.
The same day, two teenagers in Israel were arrested as part of an FBI investigation into the company.
Krebs believes that the attack was generated by allies of vDOS. “Maybe this was an act of solidarity,” he said.
Krebs is now in discussions with other Internet hosting and security companies in an effort to get KrebsOnSecurity back online, but he said some had second thoughts about the risks of working with him.
Krebs warns that the attack on his site shows how dangerous and powerful today’s digital criminals have become.
“We’re at a point where individual 16-year-olds can wield tremendous power,” Krebs said. “That ought to get a lot of people’s attention, but I fear that it won’t.”