|Born||1972 (age 45–46)|
|Alma mater||George Mason University|
Brian Krebs (born 1972 in Alabama) is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. His interest grew after a computer worm locked him out of his own computer in 2001.
Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for The Washington Post and covered tech policy, privacy and computer security as well as authoring the Security Fix blog. He is also known for interviewing hacker 0x80.
On March 14, 2013, Krebs became one of the first journalists to become a victim of swatting. On December 18, 2013, Krebs broke the story that Target Corporation had been breached of 40 million credit cards. Six days later Krebs identified a Ukrainian man who Krebs said was behind a primary black market site selling Target customers' credit and debit card information for as much as US$100 apiece. In 2014, Krebs published a book called Spam Nation: The Inside Story of Organized Cybercrime - from Global Epidemic to Your Front Door, which went on to win a 2015 PROSE Award.
Krebs started his career at The Washington Post in the circulation department. From there, he obtained a job as a copy aide in the Post newsroom, where he split his time between sorting mail and taking dictation from reporters in the field. Krebs also worked as an editorial aide for the editorial department and the financial desk. In 1999, Krebs went to work as a staff writer for Newsbytes.com, a technology newswire owned by The Washington Post.
When the Post sold Newsbytes in 2002, Krebs transitioned to Washingtonpost.com in Arlington, Virginia as a full-time staff writer. Krebs's stories appeared in both the print edition of the paper and Washingtonpost.com. In 2005, Krebs launched the Security Fix blog, a daily blog centered around computer security, cyber crime and tech policy. In December 2009, Krebs left Washingtonpost.com and launched KrebsOnSecurity.com.
Krebs has focused his reporting at his blog on the fallout from the activities of several organized cybercrime groups operating out of eastern Europe that have stolen tens of millions of dollars from small to mid-sized businesses through online banking fraud. Krebs has written more than 75 stories about small businesses and other organizations that were victims of online banking fraud, an increasingly costly and common form of cybercrime.
Krebs wrote a series of investigative stories that culminated in the disconnection or dissolution of several Internet service providers that experts said catered primarily to cyber criminals. In August 2008, a series of articles he wrote for The Washington Post's Security Fix blog led to the unplugging of a northern California based hosting provider known as Intercage or Atrivo.
During that same time, Krebs published a two-part investigation on illicit activity at domain name registrar EstDomains, one of Atrivo's biggest customers, showing that the company's president, Vladimir Tšaštšin, recently had been convicted of credit card fraud, document forgery and money laundering. Two months later, the Internet Corporation for Assigned Names and Numbers (ICANN), the entity charged with overseeing the domain registration industry, revoked EstDomains' charter, noting that Tšaštšin's convictions violated an ICANN policy that prohibits officers of a registrar from having a criminal record. In November 2011, Tšaštšin and five other men would be arrested by Estonian authorities and charged with running a massive click fraud operation with the help of the DNS Changer Trojan.
In November 2008, Krebs published an investigative series that led to the disconnection of McColo, another northern California hosting firm that experts said was home to control networks for most of the world's largest botnets. As a result of Krebs' reporting, both of McColo's upstream Internet providers disconnected McColo from the rest of the Internet, causing an immediate and sustained drop in the volume of junk e-mail sent worldwide. Estimates of the amount and duration of the decline in spam due to the McColo takedown vary, from 40 percent to 70 percent, and from a few weeks to several months.
Krebs is credited with being the first journalist, in 2010, to report on the malware that would later become known as Stuxnet. In 2012, he was cited in a follow-up to another breach of credit and debit card data, in this case potentially more than 10 million Visa and MasterCard accounts with transactions handled by Global Payments Inc. of Atlanta, Georgia.
In 2016, Krebs's blog was the target of one of the largest ever DDoS attacks, apparently in retaliation for Krebs's role in investigating the vDOS botnet. Akamai, which was hosting the blog on a pro bono basis, quit hosting his blog as a result of the attack, causing it to shut down. As of September 25, 2016[update], Google's Project Shield had taken over the task of protecting his site, also on a pro-bono basis.
An article by Krebs on 27 March 2018 on KrebsOnSecurity.com about the mining software company and script "Coinhive" where Krebs published the names of admins of the German imageboard pr0gramm, as a former admin is the inventor of the script and owner of the company, was answered by an unusual protest action by the users of that imageboard. Using the pun of "Krebs" meaning "Cancer" in German, they donated to charitable organisations fighting against those diseases, collecting more than 200,000 Euro (245,000 USD) of donations until the evening of 28 March to the Deutsche Krebshilfe charity.
Selected articles from The Washington Post
- "The Long and the Short of Microsoft's Patches", January 16, 2006
- "Paris Hilton Hack Started with Old-Fashioned Con", May 19, 2005
- "Hackers Found Hilton's Phone An Easy Target", May 19, 2005
- "Data Thefts May Be Linked: Warrants served in LexisNexis Account Breach", May 20, 2005
- "Hijacking a MacBook in Sixty Seconds" August 2, 2006
- "Internet Explorer Unsafe for 284 Days in 2006", January 4, 2007
- "Tracking the Password Thieves", March 14, 2007
- "They Told You Not to Reply", March 21, 2007
- "Mapping the Russian Business Network", October 13, 2007
- "Report Slams U.S. Host As Major Source of Badware", August 28, 2008
- "EstDomains: A Sordid History and a Storied CEO", September 8, 2008
Awards and recognition
- 2014 National Press Foundation, "Chairman's Citation Award"
- 2011 Security Bloggers Network, "Blog That Best Represents the Industry"
- 2010 SANS Institute Top Cybersecurity Journalist Award
- 2010 Security Bloggers Network, "Best Non-Technical Security Blog"
- 2009 Winner of Cisco Systems' 1st Annual "Cyber Crime Hero" Award
- 2005 CNET News.com listed Security Fix as one of the top 100 blogs, saying "Good roundup of significant security issues. The Washington Post's Brian Krebs offers a userful, first-person perspective".
- 2004 Carnegie Mellon CyLab Cybersecurity Journalism Award of Merit
Krebs is a frequent speaker on computer security and cybercrime topics.
In October 2011, he gave keynote addresses at
- GOVCERT.NL in Rotterdam
- Secure 2011 in Warsaw, Poland
- SecTor 2011, in Toronto, Ontario, Canada
- FIRST 2011 in Vienna, Austria
- The man who dares to report on hackers by Nicole Perlroth New York Times (TBT February 18, 2014 page 30)
- Krebs, Brian (December 24, 2009). "Security Fix — Brian Krebs on computer and Internet security". Voices blogs, The Washington Post. Retrieved 2012-02-14.
- Jackman, Tom (March 27, 2013). "'SWATing,' the seamy 'underweb,' and award-winning Fairfax cybercrime journalist Brian Krebs". The Washington Post. Retrieved 2013-07-27.
- Perlroth, Nicole (December 24, 2013). "Who Is Selling Target's Data?". The New York Times Company. Retrieved 2013-12-27.
- PROSE Awards. "PROSE Awards: Winners". proseawards.com.
- Krebs, Brian. "Symposium III: Cybersecurity". UC Santa Barbara. Archived from the original on August 17, 2012. Retrieved 2013-07-27.
- Weise, Karen (January 16, 2014). "Brian Krebs: The cybersecurity blogger hackers love to hate". Business Week. Retrieved January 17, 2014.
- "Target: Small Businesses". Krebs On Security.
- Krebs, Brian. "Security Fix — Report Slams U.S. Host as Major Source of Badware". Voices.washingtonpost.com. Retrieved 2012-02-14.
- Krebs, Brian. "Security Fix — EstDomains: A Sordid History and a Storied CEO". Voices.washingtonpost.com. Retrieved 2012-02-14.
- Krebs, Brian. "Security Fix — ICANN De-Accredits EstDomains for CEO's Fraud Convictions". Voices.washingtonpost.com. Retrieved 2012-02-14.
- "The United States Department of Justice — United States Attorney's Office". Justice.gov. November 9, 2011. Retrieved 2012-02-14.
- Krebs, Brian (November 11, 2008). "Major Source of Online Scams and Spams Knocked Offline". The Washington Post.
- "McColo Outage". Cbl.abuseat.org. Retrieved 2012-02-14.
- Gross, Michael Joseph (March 2, 2011). "Stuxnet Worm: A Declaration of Cyber-War". Vanity Fair. Retrieved 2016-09-25.
- Waters, Jennifer (March 30, 2012). "What to do if you fear your credit card's hacked". MarketWatch. Retrieved 2012-03-31.
- Ms. Smith (September 11, 2016). "Krebs' site under attack after alleged owners of DDoS-for-hire service were arrested". Network World. Retrieved 2016-09-25.
- "Massive web attack hits security blogger". BBC. September 22, 2016. Retrieved 2016-09-25.
- Kovacs, Eduard (September 21, 2016). "Brian Krebs' Blog Hit by 665 Gbps DDoS Attack". Security Week. Retrieved 2016-09-25.
- Evans, Steve (September 23, 2016). "Krebs Website Offline After Akamai Withdraws DDoS Protection". Infosecurity Magazine. Retrieved September 23, 2016.
- Krebs, Brian (September 25, 2016). "The Democratization of Censorship". Krebs On Security.
- Catalin Cimpanu: Angry Users Donate $120K to Cancer Research After Brian Krebs' Coinhive Article. bleepingcomputer.com, 28 March 2018
- "The 2014 Chairman's Citation Winner". Retrieved November 10, 2015.
- "RSA Conference | Security Blogger Meetup | And the Winners Are". 365.rsaconference.com. Archived from the original on February 14, 2012. Retrieved 2012-02-14.
- "2010 Top Cyber Security Journalist Award Winners". SANS. February 10, 2012. Retrieved 2012-02-14.
- "Archived copy". Archived from the original on March 5, 2013. Retrieved 2014-01-15.
- "Security" (PDF). Cisco. July 17, 2015.
- "News.com's Blog 100 | CNET News.com". News.com.com. Retrieved 2012-02-14.
- "2004 Cybersecurity Journalism Awards :: CyLab". Cylab.cmu.edu. Retrieved 2012-02-14.
- "Govcert.nl". Govcert.nl. Retrieved 2012-02-14.
- "SECURE 2011". Secure.edu.pl. Archived from the original on March 11, 2012. Retrieved 2012-02-14.
- "Security Conference Toronto Canada — Sector 2012 | Schedule". Sector.ca. Archived from the original on March 7, 2012. Retrieved 2012-02-14.
- " "23rd Annual FIRST Conference \\ Vienna, Austria \\ 12-17 June 2011". first.org.