Krebs website withstands historically large DDoS attack; enormous botnet suspected
KrebsOnSecurity founder Brian Krebs
Cybersecurity blog site KrebsOnSecurity, a frequent target of hackers, was barraged on Tuesday evening by an extraordinary distributed denial of service (DDoS) attack boasting a bandwidth between 620 and 665 Gbps – one of the largest such attacks in history.
Despite the massive assault, the website remained functional, according to site founder and investigative journalist Brian Krebs.
The primary method of attack was new and highly unusual, reported Krebs on his site: rather than using DNS reflection techniques, the perpetrators sent fake traffic designed to look like generic routing encapsulation (GRE) data packets, a protocol for point-to-point data sharing between network nodes. GRE traffic can't be spoofed like DNS traffic can, which suggests that the attack was the work of a giant botnet composed of "a large collection of hacked systems — possibly hundreds of thousands of systems,” Krebs wrote.
Akamai Technologies, KrebsOnSecurity's website performance solutions provider, informed Krebs that the largest attack the company had previously encountered was 363 Gbps.