Brian Krebs

Brian Krebs (born 1972) is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals (Perlroth, Nicole. "Reporting From the Web's Underbelly". ''The New York Times''. Retrieved February 28, 2014). Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for ''The Washington Post'' and covered tech policy, privacy and computer security as well as authoring the ''Security Fix'' blog. He is also known for interviewing hacker 0x80.


Early life and education

Born in 1972 in Alabama, Krebs earned a B.A. in International Relations from George Mason University in 1994. His interest in cybercriminals grew after a computer worm locked him out of his own computer in 2001.


Career


1999–2007

Krebs started his career at ''The Washington Post'' in the circulation department. From there, he obtained a job as a copy aide in the Post newsroom, where he split his time between sorting mail and taking dictation from reporters in the field. Krebs also worked as an editorial aide for the editorial department and the financial desk. In 1999, Krebs went to work as a staff writer for Newsbytes.com, a technology newswire owned by ''The Washington Post''. When the ''Post'' sold Newsbytes in 2002, Krebs transitioned to Washingtonpost.com in Arlington, Virginia as a full-time staff writer. Krebs's stories appeared in both the print edition of the paper and Washingtonpost.com. In 2005, Krebs launched the ''Security Fix'' blog, a daily blog centered around computer security, cyber crime and tech policy. In December 2009, Krebs left Washingtonpost.com and launched KrebsOnSecurity.com. Krebs has focused his reporting at his blog on the fallout from the activities of several organized cybercrime groups operating out of eastern Europe that have stolen tens of millions of dollars from small to mid-sized businesses through online banking fraud. Krebs has written more than 75 stories about small businesses and other organizations that were victims of online banking fraud, an increasingly costly and common form of cybercrime. Krebs wrote a series of investigative stories that culminated in the disconnection or dissolution of several Internet service providers that experts said catered primarily to cyber criminals. In August 2008, a series of articles he wrote for ''The Washington Post'''s ''Security Fix'' blog led to the unplugging of a northern California-based hosting provider known as Intercage or Atrivo. During that same time, Krebs published a two-part investigation on illicit activity at domain name registrar EstDomains, one of Atrivo's biggest customers, showing that the company's president, Vladimir Tšaštšin, recently had been convicted of credit card fraud, document forgery and money laundering. Two months later, the Internet Corporation for Assigned Names and Numbers (ICANN), the entity charged with overseeing the domain registration industry, revoked EstDomains' charter, noting that Tšaštšin's convictions violated an ICANN policy that prohibits officers of a registrar from having a criminal record. In November 2011, Tšaštšin and five other men would be arrested by Estonian authorities and charged with running a massive click fraud operation with the help of the DNS Changer Trojan.


2008–2012

In November 2008, Krebs published an investigative series that led to the disconnection of McColo, another northern California hosting firm that experts said was home to control networks for most of the world's largest botnets. As a result of Krebs' reporting, both of McColo's upstream Internet providers disconnected McColo from the rest of the Internet, causing an immediate and sustained drop in the volume of junk e-mail sent worldwide. Estimates of the amount and duration of the decline in spam due to the McColo takedown vary, from 40 percent to 70 percent, and from a few weeks to several months. Krebs is credited with being the first journalist, in 2010, to report on the malware that would later become known as Stuxnet. In 2012, he was cited in a follow-up to another breach of credit and debit card data, in this case potentially more than 10 million Visa and MasterCard accounts with transactions handled by Global Payments Inc. of Atlanta, Georgia.


2013–present

On March 14, 2013, Krebs became one of the first journalists to become a victim of swatting. On December 18, 2013, Krebs broke the story that Target Corporation had suffered a breach involving 40 million credit cards. Six days later, Krebs identified a Ukrainian man who Krebs said was behind a primary black market site selling Target customers' credit and debit card information for as much as US$100 apiece. In 2014, Krebs published a book called ''Spam Nation: The Inside Story of Organized Cybercrime—from Global Epidemic to Your Front Door'', which went on to win a 2015 PROSE Award. In 2016, Krebs's blog was the target of one of the largest ever DDoS attacks, apparently in retaliation for Krebs's role in investigating the vDOS botnet. Akamai, which was hosting the blog on a ''pro bono'' basis, quit hosting his blog as a result of the attack, causing it to shut down. Google's Project Shield had taken over the task of protecting his site, also on a ''pro bono'' basis. On 27 March 2018, Krebs published an article on KrebsOnSecurity.com about the mining software company and script "Coinhive", in which he published the names of admins of the German imageboard ''pr0gramm'', as a former admin is the inventor of the script and owner of the company. The users of that imageboard answered with an unusual protest action. Using the pun of "Krebs" meaning "cancer" in German, they donated to charitable organisations fighting against those diseases, collecting more than 200,000 Euro (245,000 USD) in donations for the Deutsche Krebshilfe charity by the evening of 28 March. Prior to 2021, his investigation of First American Financial's prior data breach led to an SEC investigation that concluded that "ensuing company disclosures preceded executives’ knowledge of unaddressed, months-old IT security reports."


Awards and recognition

* 2004 – Carnegie Mellon CyLab Cybersecurity Journalism Award of Merit
* 2005 – CNET News.com listed ''Security Fix'' as one of the top 100 blogs, saying "Good roundup of significant security issues. The Washington Post's Brian Krebs offers a useful, first-person perspective".
* 2009 – Winner of Cisco Systems' 1st Annual "Cyber Crime Hero" Award
* 2010 – Security Bloggers Network, "Best Non-Technical Security Blog"
* 2010 – SANS Institute Top Cybersecurity Journalist Award
* 2011 – Security Bloggers Network, "Blog That Best Represents the Industry"
* 2014 – National Press Foundation, "Chairman's Citation Award"
* 2017 – ISSA's President’s Award For Public Service
* 2019 – CISO MAG’s Cybersecurity Person of the Year


Media appearances

Krebs speaks on computer security and cybercrime topics. In October 2011, he gave keynote addresses in Rotterdam, at Secure 2011 in Warsaw, Poland, at SecTor 2011 in Toronto, Ontario, Canada, and at FIRST 2011 in Vienna, Austria.


See also

* Mirai (malware)
* Intuit#Lawsuits
* 0x80
* mSpy
* Russian Business Network
* BlueLeaks
* Dark0de


External links

* Aghast at Avast’s iYogi Support

