December 29, 2015

You know you’re getting old when you can’t remember your own birthday (a reader tipped me off). Today is the sixth anniversary of this site’s launch! KrebsOnSecurity turns 6! I’m pretty sure that’s like middle age in Internet years.

sixfingersAbsolutely none of this would be possible without you, Dear Reader. You have supported, encouraged and inspired me in too many ways to count these past years. The community that’s sprung up around here has been a joy to watch, and essential to the site’s success. Thank you!

I tried for at least one post per weekday in 2015, and came close, publishing some 206 entries this year (not counting this one). The frequency of new posts suffered a bit from September to November, when I was on the road nearly 24/7 for a series of back-to-back speaking gigs. Fun fact: Since its inception, this site has featured some 1,200 stories that generated more than 62,000 reader comments.

Here’s wishing you all a very happy, healthy, wealthy and safe New Year.  Below are some of the KrebsOnSecurity posts that readers found most popular in 2015 (minus the Ashley Madison and Lizard Squad stuff), along with one or two of my personal favorites in no particular order.

How I Learned to Stop Worrying and Embrace the Security Freeze — Credit monitoring services offered in the wake of umpteen breaches this year won’t stop ID thieves from stealing your good name.

What’s in a Boarding Pass Barcode? – Sometimes the stories intended to be written in a “hey-did-you-know” format turn into national news. Who knew?

How Carders Can Use eBay as a Virtual ATM – “Triangulation fraud” is big business.

Sign Up at the IRS Before Crooks Do It For You – This story about how ID thieves used the IRS’s own site to steal taxpayer data was published three months before the IRS acknowledged that some 330,000 taxpayers had been impacted.

Intuit Failed at Know-Your-Customer Basics – Much of the tax refund fraud problem can be traced back to poor or non-existent authentication at online tax preparation firms, like TurboTax.

Hacker Who Sent Me Heroin Faces Charges in the U.S. – A stranger-than-fiction story about a cybercrime kingpin who tried to frame me for drug possession and failed spectacularly.

Bluetooth ATM Skimming Series in Mexico – I traveled to Cancun in September to chronicle the work of an ATM skimming gang that was bribing ATM technicians to get access to the insides of the cash machines.

Gas Theft Gangs Fuel Pump Skimming Scams – It’s truly remarkable how much effort crooks will put into extracting value from stolen credit and debit cards.

Inside Target Corp., Days After 2013 Breach – I got to look at a confidential, internal penetration test that Target commissioned just days after learning it had lost 40 million credit cards. It wasn’t pretty.

A Day in the Life of a Stolen Healthcare Record – Healthcare organizations have some serious and difficult security challenges ahead of them. I think that explains the reader interest in this story, coupled with the fact that there are so few stories out there about stolen medical info showing up for sale in the cybercrime underground.

This entry was posted on Tuesday 29th of December 2015 11:37 AM


96 thoughts on “Happy 6th Birthday, KrebsOnSecurity!

  1. davij2

    Krebs three rules are timeless. Now if we can get people to abide.

    1. timeless

      I’m not sure I’d go that far.

      But I definitely endorse them 🙂

  2. Dave

    Congratulations on the anniversary! I enjoy your articles and find them enlightening. Best wishes for continued success!

  3. Lesley McLaughlin

    You’re capacity to post almost daily is amazing, the information is fascinating, and you’ve likely kept multiiple thousands of people saf(er) on the web. Thank you, and happy birthday!

  4. Thomas Galley

    Well, congratulations are in order, and a big thank you for all the great work. You have been an inspiration to me and to anyone who takes infosec seriously.

  5. Paul

    Thank you for the consistently high quality of reporting over the years.

    Also, love the book.

  6. Alex

    Congrats Brian, I feel 2016 is going to be another interesting year.
    Good luck with everything, your readers will be here waiting.

  7. Henry Arnold

    Woo Hoo! Congrats! I’ve been following since the beginning. I’ve passed many of your articles to friends, posted on Facebook and added to my blog

  8. IL

    Thanks for interesting reports and keeping us up to date.
    Inspiration and high spirit to keep going.

  9. IA Eng

    Thanks for digging WAY deeper into most of the headline stories. Most journalists simply want to be the one to fire it off and call it done.

    Brian I am gald to say these daily visits over the years have proven to me, as well as many others, that we can find some pretty decent stories based on fact.

    Appreciate your efforts, and attitude. To most some of the push-back by the crooks would have many to hide their tail ( or tale) and run. letting us see a peek at what happens behind the scene ( for most) is always a pleasure.

    Keep up the great work. I am always looking forward to the next big write up.

  10. Hans

    Mr Krebs, thank you so kindly for your six years
    of investigating labor and keeping us out of the blind!!

  11. DaveT

    It’s so refreshing to see this style of journalism – in depth research and analysis woven into a story that both informs and entertains. I get so tired of news that consists of a press release and a self-serving quote. The TV version is worse: talking heads arguing about someone else’s story – whoever is the loudest “wins” the news.

    I always start my work day with KrebsOnSecurity. I’m amazed that you have something new nearly every day. I hope you’re getting a little break for the holidays and look forward to your insights in 2016.

  12. Luke

    Congratulations on your 6th birthday and thank for all the infromative and great reads 🙂

    Have a happy new year

  13. Silemess

    Another belated well-wisher. Happy birthday to the site, and many thanks to you Mr. Krebs for keeping us awake and aware.

    I kind of wish that the Krebs cycle graphic made its return, especially with recent cycle of hotel with POS systems being compromised.

  14. BillC

    This is one of the best sites on the web in terms of serving the public interest in an actionable way. I read it regularly and share key blogs with family and friends. One has to wonder why there is no obvious mainstream competition. Public/user apathy? Corporate resistance to business-critical IT security spending?

    1. KFritz

      Greetings! Once upon a time…actually about six years ago!… BK worked for the Washington Post, which I hope you’ll agree is about as mainstream as it gets. The column was called “Security Fix,” and I assume that the WaPo wouldn’t allow the brand to migrate. Two years later the Post jettisoned Rob Pegoraro, and in 2014 the Wall Street Journal parted ways with Walt Mossberg. I’d venture a guess that the above 3 blogger/columnists got more traffic than many of their other mainstream counterparts combined. (I did say ‘venture a guess,’ right?) I’ll venture another guess–that all of the pink slips had to do with media economics. Until a nerd named Craig Newmark torpedoed their business model, the newspaper business was mostly profitable. Since Craigslist, the result has been an attrition of reportage and coverage, sometimes gradual, sometimes in dramatic increments. Where the ‘process’ ‘ends,’ no one knows. One might say that the spirit is willing, but the bottom line is weak.

    2. KFritz

      PS It’s unfair to heap all the responsibility on Craig N’s shoulders. Freeloaders like yours truly getting information from the free parts of news websites has been at least as damaging as the vaporization of the classified ads.

  15. femtobeam

    Happy Birthday Krebs on Security and Happy New Year Brian! Thank you.

  16. patti

    First heard of your site in a cybersecurity briefing. Thanks for what you do, though you prolly take a lot more targeted hits for it.

  17. MKE Freelancer

    It’s one thing to do this kind of reporting when you have the resources of the WaPo behind you. It’s quite another to take on the cyber-underworld on your own. It occurs to me there’s a Donate button in the right sidebar (by the start of the Comments). Sending Krebs On Security a $6 (or multiple of 6!) birthday present would be a nice way to help with some of overhead a column like this requires (attorney fees, insurance premiums, home security systems, etc.)

  18. Robert.Walter

    Happy New Year and Happy Anniversary Brian! May your next year be both interesting and safe!

    1. Robert.Walter

      I’ve just sent 6$ by PP on the basis of MKE Freelancer’s suggestion above.

  19. Gomdoi

    Ok where this cybercrime come from ?? It’s something mystical.. Underground forums you can read tutorials wow… But who wrote them?? I don’t get it at all the question is how people in Eastern Europe tought be cybercrimnals? All this articles is just consiquenses,but we need to speak about roots ? Isn’t it? And how come Mr. Krebs become cyber researcher ? As I undestood this crimes are committed by low education people Mhhh how come ?? There is so many questions but very few answers! Where all this money going ? There is so much money that u can start revolution… I sit true that Russian separatist are supported exacly from this sort of income?? I really don’t think the cyber crime and fraud are something what started just by 2 genius criminals who 1 day desided to start make money … And moneygram and Western union is there to lend helping hand to move all this dirty money it’s like complect 😀 you just be a man and go get some tools and start digging gold I think it’s irreelogical that nothing can really stop this

  20. Lou

    Did you know that some people actually have 6 fingers?
    Happy Sixth!

  21. nicole a

    I always come check your site to see what is happening in the security world and to see if there are security fixes; which you always seem to tell us before Microsoft or Adobe. I tell my husband that if there is a breach, you will know about it. He now reads your site on his own. I have felt horrible for how you have been targeted though. The hackers must really feel you are a threat to go to such lengths to stop you. I like that you are one step smarter than they are. So, thank you, even with all that you and your family have had to endure, for keeping this site up and running for 6yrs.

  22. HostAG

    While I’m rather new here, i have to say – Happy birthday and keep it going.

  23. Greg D.

    This is the one website I check every single day for new content. I have learned so much since I’ve known about your blog from 2012. Keep up the awesome work.

  24. John

    Hey man,

    your website is one of the must-check ones when you try to stay updated in infosec world. Thanks for the awesome job and keep up the good work 😀

    Cheers!

Comments are closed.