Skip to main content

Brian Krebs is back online following a DDoS attack thanks to Google’s Project Shield

brian krebs project shield ddosattack
Image used with permission by copyright holder
Last week the website of cybersecurity journalist Brian Krebs was targeted by a devastating DDoS attack on a massive scale. The attack was so fierce – 620 gigabits a second – that Prolexic, a DDoS protection service that was protecting his site, had to pull its services and Akamai Technologies removed his site from its network. It was just too much to handle and was costing too much money.

Now Krebs is working with Google’s Project Shield, a similar DDoS protection service that is free for journalists and activists and dedicated to protecting free speech and expression. According to Krebs, a number of protection providers approached him after last week’s “historically large” attacks to offer their services.

Krebs wrote in a new post that he feels like DDoS attacks are being used as a form of censorship. Sending huge swathes of false traffic can knock a site offline and hamper the spread of information.

The attack on Krebsonsecurity.com came a couple of days after Krebs revealed the inner working of vDOS, a shady Israeli firm that provides DDoS services for a lucrative fee. The owners of the site reportedly made $600,000 over two years but soon after the exposé, two Israeli men were arrested for allegedly running the site.

It remains speculation but the prevailing belief is that someone from vDOS or someone sympathetic to the company orchestrated last week’s onslaught on Krebs. He has been targeted before by cybercriminals unhappy with having their operations exposed but those attacks pale in comparison to this latest episode.

“This is the worst denial-of-service attack we’ve ever seen,” Josh Shaul, Akamai’s vice president of web security told the Boston Globe and the scale of this attack highlighted the censorship issue that concerns Krebs.

Akamai provides protection services, and while its services provided to Krebs were pro-bono, it makes money elsewhere through these services. Krebs added that he doesn’t have any problems with Akamai and Prolexic pulling their service for Krebsonsecurity.com given the arrangement that they had. However paying for these services is likely out of reach for most other journalists, activists, and dissidents, which is why he is now espousing the free Project Shield.

According to Krebs, one other firm offered protection at $150,000-$200,000 a year. “Ask yourself how many independent journalists could possibly afford that kind of protection money?” he wrote.

He added that he is kicking around the idea of starting a non-profit that helps online journalists access security protections.

“Maybe a Kickstarter campaign, along with donations from well-known charitable organizations, could get the ball rolling. It’s food for thought.”

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more