Real Life Mr. Robot
I have been watching the hit TV series “Mr. Robot” recently, and it is quite intriguing in its plot that centers around a top secret hacking group that is bent on taking down one of the largest financial institutions on earth. Doing so, they predict, will cause the greatest redistribution of wealth the world has ever seen, erasing debts for millions of people and causing accounts to become null and void.
But is it really the work of fiction, or could such a thing happen? It doesn’t tread far from the truth, as we have seen lately. The recent takedown of one of our favorite whistleblower and internet security websites “Krebs on Security” recently with the largest DDoS attack ever seen is proof that an incredible amount of power lies within the hands of individuals who have spent a great deal of time amassing and constructing weapons of mass data destruction.
Events of the past week have convinced me that one of the fastest-growing censorship threats on the Internet today comes not from nation-states, but from super-empowered individuals who have been quietly building extremely potent cyber weapons with transnational reach. – Michael Krebs, krebsonsecurity.com
While the website is back, it was down for quite some time. Security company Akami was helping to deflect the DDoS attack, but they ended up jettisoning the site from its protective waters due to the incredible amount of resources required to keep the attack at bay.
A DDoS attack is where an individual can harness a network of hacked computers and points the traffic data at one website, effectively drowning it in a firehose-like stream of data and knocking the site offline.
According to Akami the attack was around 620 Gigabits per second of pure junk data – this is twice the size of the next largest attack ever seen. Additionally it seems that this attack used new methods that are only just starting to become used.
In layman’s terms it’s like having the power of a nuclear bomb in the hands of an individual. This attack could be used to take down many different sites. It’s a tool of censorship – while some companies were helping out Krebs on Security with “pro bono” security, he estimates that with this new attack the amount of money he would need for “always on” security to defend against attacks of this nature is somewhere in the realm of $100-200k per year. Akami said that had they kept the site in their network and if the attack was extended, it could have cost the company millions of dollars.
It’s an alarming development. Krebs is one of the most cutting edge reporters who delves into the seamy underbelly of the internet and has the guts to expose the big players. Some people don’t like this, and hence the DDoS takedown.
Krebsonsecurity.com is back online thanks to Google’s Project Shield, which helps reporters and news institutions avoid DDoS attacks when they publish something controversial. His site has been attacked several times before in the past by hackers who weren’t too enthused by some of his scoops and stories.