KrebsonSecurity

Brian Krebs (born 1972) is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. (Perlroth, Nicole. "Reporting From the Web's Underbelly." ''The New York Times''. Retrieved February 28, 2014.) Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for ''The Washington Post'' and covered tech policy, privacy and computer security as well as authoring the ''Security Fix'' blog.


Early life and education

Born in 1972 in Alabama, Krebs earned a B.A. in International Relations from George Mason University in 1994. His interest in cybercriminals grew after a computer worm locked him out of his own computer in 2001. Chris Krebs is not related to Brian Krebs.


Career


1999–2007

Krebs started his career at ''The Washington Post'' in the circulation department. From there, he obtained a job as a copy aide in the ''Post'' newsroom, where he split his time between sorting mail and taking dictation from reporters in the field. Krebs also worked as an editorial aide for the editorial department and the financial desk. In 1999, Krebs went to work as a staff writer for Newsbytes.com, a technology newswire owned by ''The Washington Post''. When the ''Post'' sold Newsbytes in 2002, Krebs transitioned to Washingtonpost.com in Arlington, Virginia as a full-time staff writer. Krebs's stories appeared in both the print edition of the paper and Washingtonpost.com. In 2005, Krebs launched the ''Security Fix'' blog, a daily blog centered around computer security, cyber crime and tech policy. In December 2009, Krebs left Washingtonpost.com and launched KrebsOnSecurity.com. Krebs has focused his reporting at his blog on the fallout from the activities of several organized cybercrime groups operating out of eastern Europe that have stolen tens of millions of dollars from small to mid-sized businesses through online banking fraud. Krebs has written more than 75 stories about small businesses and other organizations that were victims of online banking fraud, an increasingly costly and common form of cybercrime.


2008–2012

Krebs wrote a series of investigative stories that culminated in the disconnection or dissolution of several Internet service providers that experts said catered primarily to cyber criminals. In August 2008, a series of articles he wrote for ''The Washington Post''’s ''Security Fix'' blog led to the unplugging of a northern California-based hosting provider known as Intercage or Atrivo. During that same time, Krebs published a two-part investigation on illicit activity at domain name registrar EstDomains, one of Atrivo's biggest customers, showing that the company's president, Vladimir Tšaštšin, recently had been convicted of credit card fraud, document forgery and money laundering. Two months later, the Internet Corporation for Assigned Names and Numbers (ICANN), the entity charged with overseeing the domain registration industry, revoked EstDomains' charter, noting that Tšaštšin's convictions violated an ICANN policy that prohibits officers of a registrar from having a criminal record. In November 2011, Tšaštšin and five other men would be arrested by Estonian authorities and charged with running a massive click fraud operation with the help of the DNS Changer Trojan.

In November 2008, Krebs published an investigative series that led to the disconnection of McColo, another northern California hosting firm that experts said was home to control networks for most of the world's largest botnets. As a result of Krebs's reporting, both of McColo's upstream Internet providers disconnected McColo from the rest of the Internet, causing an immediate and sustained drop in the volume of junk e-mail sent worldwide. Estimates of the amount and duration of the decline in spam due to the McColo takedown vary, from 40 percent to 70 percent, and from a few weeks to several months.

Krebs is credited with being the first journalist, in 2010, to report on the malware that would later become known as Stuxnet. In 2012, he was cited in a follow-up to another breach of credit and debit card data, in this case potentially more than 10 million Visa and MasterCard accounts with transactions handled by Global Payments Inc. of Atlanta, Georgia.


2013–present

On March 14, 2013, Krebs became one of the first journalists to become a victim of swatting. On December 18, 2013, Krebs broke the story that Target Corporation had suffered a breach of 40 million credit cards. Six days later, Krebs identified a Ukrainian man who Krebs said was behind a primary black market site selling Target customers' credit and debit card information for as much as US$100 apiece. In 2014, Krebs published a book called ''Spam Nation: The Inside Story of Organized Cybercrime—from Global Epidemic to Your Front Door'', which went on to win a 2015 PROSE Award.

In 2016, Krebs's blog was the target of one of the largest ever DDoS attacks using the Mirai malware, apparently in retaliation for Krebs's role in investigating the vDOS botnet. Akamai, which was hosting the blog on a ''pro bono'' basis, quit hosting his blog as a result of the attack, causing it to shut down. Google's Project Shield had taken over the task of protecting his site, also on a ''pro bono'' basis.

On 27 March 2018, Krebs published an article on KrebsOnSecurity.com about the mining software company and script "Coinhive", in which he published the names of admins of the German imageboard ''pr0gramm'', as a former admin is the inventor of the script and owner of the company. The users of that imageboard answered with an unusual protest action. Using the pun of "Krebs" meaning "Cancer" in German, they donated to charitable organisations fighting against those diseases, collecting more than 200,000 Euro of donations by the evening of 28 March for the Deutsche Krebshilfe charity.

Prior to 2021, his investigation of First American Financial's prior data breach led to an SEC investigation that concluded that "ensuing company disclosures preceded executives’ knowledge of unaddressed, months-old IT security reports."


Awards and recognition

* 2004 – Carnegie Mellon CyLab Cybersecurity Journalism Award of Merit
* 2005 – CNET News.com listed ''Security Fix'' as one of the top 100 blogs, saying "Good roundup of significant security issues. The Washington Post's Brian Krebs offers a useful, first-person perspective".
* 2009 – Winner of Cisco Systems' 1st Annual "Cyber Crime Hero" Award
* 2010 – Security Bloggers Network, "Best Non-Technical Security Blog"
* 2010 – SANS Institute Top Cybersecurity Journalist Award
* 2011 – Security Bloggers Network, "Blog That Best Represents the Industry"
* 2014 – National Press Foundation, "Chairman's Citation Award"
* 2017 – ISSA's President's Award For Public Service
* 2019 – CISO MAG’s Cybersecurity Person of the Year


See also

Topics of Krebs's work:
* Intuit
* mSpy
* Russian Business Network
* BlueLeaks
* Dark0de


External links

* Aghast at Avast’s iYogi Support

