As many of you know, my site was taken offline for the better part of this week. The outage came in the wake of a historically large distributed denial-of-service (DDoS) attack which hurled so much junk traffic at Krebsonsecurity.com that my DDoS protection provider Akamai chose to unmoor my site from its protective harbor.
Let me be clear: I do not fault Akamai for their decision. I was a pro bono customer from the start, and Akamai and its sister company Prolexic have stood by me through countless attacks over the past four years. It just so happened that this last siege was nearly twice the size of the next-largest attack they had ever seen before. Once it became evident that the assault was beginning to cause problems for the company’s paying customers, they explained that the choice to let my site go was a business decision, pure and simple.The "trick" was that the criminal hacker organizations have taken control of vast numbers of poorly secured devices on the Internet so that there isn't just one IP address making absurd demands on Krebs' website; it's thousands of them. I shudder to think what will happen when Bloomberg hires these criminals to shut down dissent about gun control. This is why the poorly secured systems that control our power plants (including nuclear) are so dangerous. The only real Internet security is no Internet connection.