DDoS mitigation giant Akamai, who were hosting the website of security blogger Brian Krebs free of charge, have dropped him from their servers, after his website was subject to the biggest recorded DDoS attack.
Coming in at a handsome 620Gbps, the DDoS suffered by Kreb's website is predicted to be in response to the blogger reporting of outfit vDOS who were offering a DDoS-as-a-service type company.
The service was run by two Israelis who were consequently arrested after Krebs reported about them. The website is now down and still under attack.
Krebs tweeted on Thursday night, "It's looking likely that KrebsOnSecurity will be offline for a while, Akamai's kicking me off their network tonight."
"I can't really fault Akamai for their decision," Krebs added. "I likely cost them a ton of money today."
There was much speculation on the reason why this happened, as attacks of that scale presumably cost a huge amount of money to mitigate.
SCMagazineUK.com spoke with Robert Morton, director of PR for Akamai, who confirmed that as Brian Krebs's website was being hosted pro-bono, and although it wasn't easy, they had to make the business decision to prioritise paying customers.
Morton confirmed that while fighting this attack, “size was definitely a factor” which made them reconsider hosting the website. It should also be noted, this is not the first time his website came under attack.
Recognising the impression this gives, that Akamai have given in and “the criminals have won”, Morton said that, “for the days we were protecting him, his website stayed up”.
The plot thickens further, as European web hmosting company OVH confirmed it was suffering a DDoS nearer to the 1Tbps. Mickael Delcroix, press officer for OVH, said that the company had developed a new VAC able to clean up 5Tbps of traffic in response to this.
OVH's CTO Octave Klaba confirmed on Twitter that, “the simultaneous DDoS [attacks they were suffering] are close to 1Tbps” and said that the DDoS network carrying out their attack contained 145607 DVR cameras capable of sending a >1.5Tbps DDoS in total.Security researcher Mustafa Al-Bassam said it is, “the largest DDoS attack ever recorded.”