Hard to believe it’s time to celebrate another go ’round the Sun for KrebsOnSecurity! Today marks exactly seven years since I left The Washington Post and started this here solo thing. And what a remarkable year 2016 has been!
The word cloud above includes a sampling of tags used in stories on KrebsOnSecurity throughout the past year. It’s been a wild one, riddled with huge attacks, big cybercriminal busts and of course a whole mess of data breaches.
The biggest attack of all — the 620 Gbps distributed denial-of-service (DDoS) assault against this site on Sept. 22 — resulted in KrebsOnSecurity being unplugged for several days. The silver lining? I now have a stronger site and readership. Through it all, the community that has grown up around this site was extremely supportive and encouraging. I couldn’t be prouder of this community, so a huge THANK YOU to all of my readers, both new and old.
It’s fair to say that many of the subjects in the word cloud above are going to continue to haunt us in 2017, particularly ransomware, CEO fraud and DDoS attacks. I am hopeful to have more on the “who” behind the September attacks against this site in the New Year. I promise it’s going to be a story worth waiting for. Stay tuned.
Also, many of you have asked whether we can have a more responsive theme on this blog. It is true that the site hasn’t been updated appearance-wise since it launched seven years ago, and that it’s long overdue for a facelift. We were on track to have that done by today’s blog post, but for a variety of reasons this will have to wait until the early New Year. Thank you for your patience.
My aim from the beginning with this site has been to focus on producing original, impactful reporting on computer security and cybercrime, and to keep the content free for anyone and everyone. That remains my intention. For those of you who have Adblock installed, please consider adding an exception for my site: For security reasons (see malvertising for more info), this site has not allowed third-party content since late 2011, and all of the handful of ads that run here are hosted locally and have been fully vetted.
As always, below are links to some of the most-read stories on the site this year. Thanks again for your readership, encouragement and support!
Oct. 21: Hacked Cameras, DVRs Powered Today’s Massive Internet Outage
Oct. 3: Who Makes the IoT Things Under Attack?
Sept. 25: The Democratization of Censorship
Sept. 13: Secret Service Warns of ‘Periscope’ Skimmers
Sept. 10: Alleged vDOS Proprietors Arrested in Israel
Sept. 8: Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years
Aug. 26: Inside ‘The Attack that Almost Broke the Internet’
Feb. 18: This is Why People Fear the Internet of Things
Feb. 16: The Great EMV Fakeout: No Chip for You!
Thank you so much for all your hard work and your GREAT book!!!
I’ll be finishing Spam Nation soon but have already done a class presentation on the information therein and am doing my best to help spread the word about what **really** happens when one opens enticing spam and clicks on those links…
Have a great day, a wonderful weekend and a MOST Happy New Year!!!
From russia with love. Lol
Congratulations on a great run over these 7 years. I would prefer you keep up with the outstanding reporting as oposed to a fancy new web site.
Cheers and have a safe New Year!
As mentioned in a few other previous comments, the redesign is not about making it fancier. It’s about making it play nice with mobile devices.
I love you man.
Many many congrats on the 7th anniversary. As Oscar Wilde said “You can always judge a man by the quality of his enemies.”
Congratulations on seven years. I followed you from the Washington Post.
Keep up the good work!
I’ll drink to this anniversary, and say THANKS.
I’ve been following you since your days at WaPo. I am no computer expert and find your advice very helpful (I would say “rely on” but don’t want to make you nervous) to keep my home computers, phones, etc. safe. Thank you. And, to the extent my non-digital mind understands them (and you do a great job of making complex items accessible), I am enlightened about the digital dangers we face. Thank you.
Great job, Brian. I love your blog. Here’s to many, many more years of success.
Excellent job brian !!!
Keep up the good work.
Happy Birthday Krebs on Security! I probably have just a basic understanding of everything that is discussed here but all the articles and comments continue to fascinate and inform me I also have enormous respect for all that YOU do, Mr. Krebs!
I wish you and your family a happy, good and interesting new year!
Please don’t change too much on your site. Changes are seldom an improvement…
There are many people overseas, and in America that just don’t care. I found a network of fake staffing companies being run off of DreamHost (based in Bria California), last year. The scammer bought 20+ domains. He would target specific job seekers sending them emails from these bought domains with matching web sites. The goal was to walk the victim through fake phone interviews and then request SSN and DOB to submit the victim to a ‘client corporation.’
I warned the DreamHost abuse staff several times showing them the threads of the scam, the posting by various victims and the DreamHost staff responded with a fu&# off. They added that they would only respond to law enforcement orders. The domains continued to exist until they expired.
As long as the employees of the hosting companies get their paychecks, they don’t care. As long as the hosting companies executives continue to see money from the scammer/client they don’t care.
I created a blogger site to document all that I found about this scammer at.
The scammer is still running with a new batch of domains hosted on American services. They are DreamHost, 1and1.com, and blue host.com.
There is one hosting company that I warned that did shut down three domains. I sent them the same information as the ones listed above. The evidence was good enough for them to reach the conclusion that the scammer was a criminal but the ones listed above just don’t care.
THIS IS STILL THE WILD WEST
A rough comparison to the United States in the late 1860s or through the 1870s, vis-a-vis laws and law enforcement. It’s both healthy and dangerous, invigorating and rife with exploitation. Surely the FBI with its current staffing, budget, and other responsibilities, can only do so much. We need smart online consumers, too! Don’t be a chump, and when swindled nonetheless by a flim-flam predator, inform the local constabulary, law enforcement, in other words, correct?
Most people have a strong sense of justice, and the crooks prey on that trusting attitude. Example: will your aunt in the Midwest (or the Bronx) be able to disambiguate spam from legit communication online, across the board, covering the entire waterfront?
No. Moreover, your aunt or uncle or even YOU may be the gate-keeper online, in private or public capacities. Brian is just one guy, he can’t do all the intellectual work alone. We have to educate ourselves, refuse to panic/be stunned by sensationalistic threats from nitwits, and forge on. Happy New Year!
Thus the undefined term “unconscionable” in the law, for something defintely outrageous, but which is so slippery it hasn’t yet been definitively codified as illegal.
Fantastic Brian! Congrats!
What a year, this year has been! Your graphic captures it nicely.
I’m pretty sure 2017 is going to be a year of even larger challenges.
Loved your book and you have my support!
im sure in russia vybercriminals celebrating now with vodka.
and caviar …..
Congratulations on an insightful and impactful 7 year run. As I recall from my old biology courses every 7 years the body has replaced every cell and is, therefore, renewed, reborn, and rejuvenated. I enjoy the content and straightforward style of your current site but if change means that the site is more mobile friendly then I”m all for it. Keep fighting the good fight Mr. Krebs. You honor humanity through your service. Kind regards, and Happy New Year.
Wishes ypou an your familly the best for this new year 2017 !!
Best ragards from a Paris
Brian, you’re a mensch, a human being with the fidelity, bravery and integrity mentioned in the FBI motto, in my opinion. It’s always inspiring to see good values counter greed, stupidity, and outright evil intentions, not to put too Manichean a spin on it — just that it’s inspiring to see people with integrity doing the right thing, thanks!
Thank you for your blog/reporting on the criminal activities of the THIEVES that steal from the unsuspecting ….it angers me that the US Government does nothing to punish ISP’s , hosters , anonymous email relays , anonymous phone systems etc etc….I know I know the ISP’s will simply say that they cannot keep up or don’t have the man power or the cyber security systems in place to sniff criminal sources but imagine how quickly solutions can be found or architectured if penalties , fines , prison time were doled out to these hosters , sip,s et etc simply for allowing criminal traffic to pass…to me its really that simple….ISP’s sure have enough technology to throttle or shape prioritize traffic …they know what traffic comes from netflix , apple tv and so on…and hosters that sell websites to the bad guys ..f*** you too….bad criminal interesting traffic should be vetted by the source ( source interface to that local ISP) or BLOCKED…nigerian scams or “IRS is out to sue you” scams should be tracked from the very phone# they leave on your answering machine and fine or block the phone anonymize..start there…start somewhere !!!!!
Congrats Brian.. here is for many more years of trying to keep everyone safe..
best regards from India..
Update your site design,UI and UX is not good right now
This site now looks like old school one
Another long time follower here, love the work you do the depth in which you do it. Always enlightening.
Could we ask that the theme be dark in color, or the option to have a dark theme?
ARS has a great site color scheme (Dark Theme) and i think considering the amount of time i spend on that site, and yours, it would save my phone major battery by having a dark theme.
Just something to consider. Thanks and keep up the great work!
Brian – Thanks so much for all the help you give us Admins on the front lines. We all owe you big time!
I had the great pleasure to meet you in person about a year after you first kicked this thing off.
What impressed me most is that you are even smarter in person than you are on the blog – as difficult to believe as that may be for many folks.
Much has changed in that time and sadly, much has not.
What has not changed in that time is your passion, dedication and desire to make a positive difference in the digital lives of us all, and for that I thank you from the bottom of my heart.
Stay gold Ponyboy.
Hi Brian- Happy New Year. While you are working on the new format, please avoid Gray text on Grey background. Thanks. best regards, -chris
I’m thankful for your time and effort you put into your site. I have been reading daily all of your emails. I don’t know a lot about the very techy things, but I am very aware that the Internet can be dangerous and wonderful at the same time. Wonderful because it affords right up to the moment information. Dangerous because from the time Humans, (and not so humankind) from creation on Earth can sometimes commit horrible acts towards each other. The internet isn’t left out of this kind of chicanery. Who said words don’t hurt? Sure glad that Mr Krebs is NOT one of the “Bad Guys “. Mr Krebs please be proud of your wonderful works. It’s hard to be a Eagle when Vultures are flying over, around, and waiting on the ground to pounce on you when you they think you at your weakest . You are are a good Man among many doing good deeds. It’s just that the the other side who are wile get attention by being artsy dodgers of truth by being deceitful, beguiling and raucous. I really appreciate your good work.
I’ve been a casual reader of your site for the past few years. As a student and a veteran trying to change careers, your material has been invaluable in 1) just helping me understand the many nuances of this industry and 2) using you and your associates material as references in I don’t know how many papers, case studies, etc. I only have four credits left, and you made it that much easier to get to this point.
Thanks again and looking forward to the next seven…