Brian Krebs (born 1972) is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. (Perlroth, Nicole. "Reporting From the Web's Underbelly". ''The New York Times''. Retrieved February 28, 2014.) Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for ''The Washington Post'' and covered tech policy, privacy and computer security as well as authoring the ''Security Fix'' blog. He is also known for interviewing hacker 0x80.


Early life and education

Born in 1972 in Alabama, Krebs earned a B.A. in International Relations from George Mason University in 1994. His interest in cybercriminals grew after a computer worm locked him out of his own computer in 2001.


Career


1999–2007

Krebs started his career at ''The Washington Post'' in the circulation department. From there, he obtained a job as a copy aide in the ''Post'' newsroom, where he split his time between sorting mail and taking dictation from reporters in the field. Krebs also worked as an editorial aide for the editorial department and the financial desk. In 1999, Krebs went to work as a staff writer for Newsbytes.com, a technology newswire owned by ''The Washington Post''. When the ''Post'' sold Newsbytes in 2002, Krebs transitioned to Washingtonpost.com in Arlington, Virginia as a full-time staff writer. Krebs's stories appeared in both the print edition of the paper and Washingtonpost.com. In 2005, Krebs launched the ''Security Fix'' blog, a daily blog centered around computer security, cyber crime and tech policy. In December 2009, Krebs left Washingtonpost.com and launched KrebsOnSecurity.com.

Krebs has focused his reporting at his blog on the fallout from the activities of several organized cybercrime groups operating out of eastern Europe that have stolen tens of millions of dollars from small to mid-sized businesses through online banking fraud. Krebs has written more than 75 stories about small businesses and other organizations that were victims of online banking fraud, an increasingly costly and common form of cybercrime.

Krebs wrote a series of investigative stories that culminated in the disconnection or dissolution of several Internet service providers that experts said catered primarily to cyber criminals. In August 2008, a series of articles he wrote for the ''Security Fix'' blog of ''The Washington Post'' led to the unplugging of a northern California-based hosting provider known as Intercage or Atrivo. During that same time, Krebs published a two-part investigation on illicit activity at domain name registrar EstDomains, one of Atrivo's biggest customers, showing that the company's president, Vladimir Tšaštšin, recently had been convicted of credit card fraud, document forgery and money laundering. Two months later, the Internet Corporation for Assigned Names and Numbers (ICANN), the entity charged with overseeing the domain registration industry, revoked EstDomains' charter, noting that Tšaštšin's convictions violated an ICANN policy that prohibits officers of a registrar from having a criminal record. In November 2011, Tšaštšin and five other men would be arrested by Estonian authorities and charged with running a massive click fraud operation with the help of the DNS Changer Trojan.


2008–2012

In November 2008, Krebs published an investigative series that led to the disconnection of McColo, another northern California hosting firm that experts said was home to control networks for most of the world's largest botnets. As a result of Krebs' reporting, both of McColo's upstream Internet providers disconnected McColo from the rest of the Internet, causing an immediate and sustained drop in the volume of junk e-mail sent worldwide. Estimates of the amount and duration of the decline in spam due to the McColo takedown vary, from 40 percent to 70 percent, and from a few weeks to several months. Krebs is credited with being the first journalist, in 2010, to report on the malware that would later become known as Stuxnet. In 2012, he was cited in a follow-up to another breach of credit and debit card data, in this case potentially more than 10 million Visa and MasterCard accounts with transactions handled by Global Payments Inc. of Atlanta, Georgia.


2013–present

On March 14, 2013, Krebs became one of the first journalists to become a victim of swatting. On December 18, 2013, Krebs broke the story that Target Corporation had suffered a breach of 40 million credit cards. Six days later, Krebs identified a Ukrainian man who Krebs said was behind a primary black market site selling Target customers' credit and debit card information for as much as US$100 apiece. In 2014, Krebs published a book called ''Spam Nation: The Inside Story of Organized Cybercrime—from Global Epidemic to Your Front Door'', which went on to win a 2015 PROSE Award.

In 2016, Krebs's blog was the target of one of the largest ever DDoS attacks, apparently in retaliation for Krebs's role in investigating the vDOS botnet. Akamai, which was hosting the blog on a ''pro bono'' basis, quit hosting his blog as a result of the attack, causing it to shut down. Google's Project Shield had taken over the task of protecting his site, also on a ''pro bono'' basis.

On 27 March 2018, Krebs published an article on KrebsOnSecurity.com about the mining software company and script "Coinhive", in which he published the names of admins of the German imageboard ''pr0gramm'', as a former admin is the inventor of the script and owner of the company. Users of that imageboard answered with an unusual protest action. Playing on the fact that "Krebs" means "cancer" in German, they donated to charitable organisations fighting the disease, collecting more than 200,000 Euro (245,000 USD) in donations for the Deutsche Krebshilfe charity by the evening of 28 March.

Prior to 2021, his investigation of First American Financial's prior data breach led to an SEC investigation that concluded that "ensuing company disclosures preceded executives’ knowledge of unaddressed, months-old IT security reports."


Awards and recognition

* 2004 – Carnegie Mellon CyLab Cybersecurity Journalism Award of Merit
* 2005 – CNET News.com listed ''Security Fix'' as one of the top 100 blogs, saying "Good roundup of significant security issues. The Washington Post's Brian Krebs offers a useful, first-person perspective".
* 2009 – Winner of Cisco Systems' 1st Annual "Cyber Crime Hero" Award
* 2010 – Security Bloggers Network, "Best Non-Technical Security Blog"
* 2010 – SANS Institute Top Cybersecurity Journalist Award
* 2011 – Security Bloggers Network, "Blog That Best Represents the Industry"
* 2014 – National Press Foundation, "Chairman's Citation Award"
* 2017 – ISSA's President’s Award For Public Service
* 2019 – CISO MAG’s Cybersecurity Person of the Year


Media appearances

Krebs speaks on computer security and cybercrime topics. In October 2011, he gave keynote addresses in Rotterdam, at Secure 2011 in Warsaw, Poland, at SecTor 2011 in Toronto, Ontario, Canada, and at FIRST 2011 in Vienna, Austria.


See also

* Mirai (malware)
* Intuit#Lawsuits
* 0x80
* mSpy
* Russian Business Network
* BlueLeaks
* Dark0de


External links

* Aghast at Avast’s iYogi Support

