Akamai’s decision to drop Krebs’ DDoS protection wasn’t an infrastructure thing – yeah, right
// September 26th, 2016 // Hacking and Security
I wasn’t too happy to hear that Akamai dropped security researcher/writer Brian Krebs last week after Krebs’ website sustained the largest-ever DDoS attack. In short, they basically offered Krebs protection from DDoS attacks until, well, they said they couldn’t. Then they dropped him, leaving Krebs to fend for himself. Yeah, I know, we’re taught at an early age that integrity and honor dictate we should defend the little guy but hey, this is big business. It’s all about the money. Or is it?
Akamai admitted publicly that it was the worst denial-of-service attack they had ever seen. In fact, they say the attack “stunned their engineers – almost twice as much traffic as Akamai had ever seen in a previous attack” but claim that they did have the technology to fend off the attack. They just didn’t want to pay for it. So they took the protection of one of the most widely-respected cyber security experts on the Internet and shut off his service.
I call BS on this one. I monitored the attack and can attest that Akamai’s service was struggling to keep up, particularly in the later stages of the attack. What resources Akamai could muster were directed at the attack on Krebs, which left little more to defend paying customers against attacks. This implies, quite simply, that Akamai can only protect a single customer (at a time) against a large-scale IoT DDoS attack. Not something I’m sure they would want to admit. Then again, they’re the ones that crunched the financial numbers and sized their infrastructure accordingly. It’ll be their head when hackers realize a similarly-sized (or larger) attack against two or more of their customers will bring Akamai’s service to its knees.
To his credit, Krebs was not angered and noted that Akamai had protected his site from hundreds of attacks, pro bono. In the end, Krebs switched to Google’s Project Shield, a service which protects journalists against censorship-oriented DDoS campaigns. Chalk one up for Google for doing the right thing.