Modern field guide to security and privacy

Digital attack on journalist raises specter of online censorship

After an unprecedented online assault took down cybersecurity journalist Brian Krebs's influential cybersecurity blog, he was able to return to the web because of a new service that protects journalists and activists from online censorship. 

Photo courtesy of Akamai Technologies
A view inside the network operations command center at Akamai Technologies in Cambridge, Mass., where the company monitors internet outages, attacks, and broadband traffic.

When cybersecurity journalist Brian Krebs exposes internet crime rings or digital fraudsters, retaliation often follows. And it's not for the faint of heart.

Mr. Krebs's adversaries have threatened him physically, assaulted his blog with cyberattacks, tried to frame him for selling drugs, and even faked an emergency at his home address so that heavily armed police surrounded his house. The former Washington Post reporter has made so many enemies that he reportedly writes with a loaded shotgun by his side.

But what happened this month after he reported on an Israeli operation that carries out online attacks for a fee sent shockwaves across the internet.

Last week, Krebs's site was hit with a distributed denial of service, or DDoS, attack bigger than anything the internet has seen. The attack was so big even Akamai Technologies, which handles DDoS mitigation for some of the largest companies on the internet, unhitched him from its network.

DDoS attacks direct so much traffic toward an internet address that legitimate visitors can't reach the website. In such attacks, adversaries commandeer networks of thousands of previously compromised computers, or botnets, to dispatch malicious traffic.

While the scope of the online assault was enough to knock Krebs's blog offline for several days, it also revealed the growing strength of DDoS attacks and the relative ease with which anyone can unleash these digital weapons to censor journalists, activists, and critics.

Now that more and more devices are connected to the internet, attackers have access to millions of ordinary objects – home routers or connected digital video records – that have with poor or nonexistent security measures. 

"On the internet, anyone with an axe to grind and the willingness to learn a bit about the technology can become an instant, self-appointed global censor," wrote Krebs following the attack. "I sincerely hope we can address this problem before it’s too late."

Krebs did find a solution that enabled him to keep publishing on the web. Earlier this year, Jigsaw, the advanced research outfit created by Google, opened a service known as Project Shield to news organizations, human rights groups, and investigative reporters that need protection from DDoS attacks.

Project Shield was quick to come to Krebs's aid and bring it under its umbrella of DDoS protections. The project currently protects more than 100 sites operated by journalists, activists, and political groups, according to a recent Wired article on the effort.

"When we talk about organizing the world's information and making it available and useful ... you have to make sure that once people have access to the information, it doesn’t get DDoS attacked, it doesn’t get compromised, it doesn’t get censored in a politically motivated way," Jigsaw president Jared Cohen told Wired.

Many larger news sites and commercial websites have DDoS protection, such as what Akamai provided Krebs as a pro bono service. But smaller blogs or activist websites around the world can't afford such services that can cost between $150,000 and $200,000 per year.

"Ask yourself how many independent journalists could possibly afford that kind of protection money?" Krebs recently wrote.

Krebs says he believes the recent attack on his site was in retaliation for his coverage of the Israeli DDoS provider. He says the service has been responsible for a majority of the DDoS assaults launched over the past several years, according to Krebs. After his article, Israeli police arrested two men connected with the operation. Both of them are presently free on a $10,000 bond.

"This attack was the largest against a single targeted entity that we’ve seen," said Andy Ellis, chief security officer at Akamai. In light of its scale, he says, other organizations should consider the Krebs attack as a new baseline for future DDoS assaults.

Average DDoS attacks involve traffic volumes of less than 100 Gigabits per second (Gbps). This one, he says, hit 600 Gbps a second.

"Generally, attacks of this size require a large infrastructure," Mr. Ellis said. "This adversary has certainly demonstrated a greater capacity than previous adversaries."

Security Culture

This journalism empowers people to understand the bigger picture of cybersecurity as it connects to some of the most personal parts of their lives: their job, their education, the evolving digital culture around them, and the technology they use on a day-to-day basis. As part of the Monitor’s overarching commitment to chronicling human progress, we see these very human issues within cybersecurity to be critical and overlooked parts of the conversation.

This initiative is generously supported by

  • Northrop Grumman
  • ISC
You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.