In the past eight years that I have been writing about IT security as a day job across four different websites, one figure has loomed large over IT security journalism and that is Brian Krebs.
I’ve been at the same events as him, and seen him in press rooms, on stage but yet to meet him in person. Despite that, his efforts in investigative journalism have changed the face of IT security journalism. Without his work the breaches at Target and Adobe (to name two) would not have been as well publicised, the actions of nefarious individuals would have been revealed to a much lesser extent, and the concept of going the extra mile not have had a benchmark.
News emerged this week that his website came under an unprecedented 620 Gpbs attack, and after his pro bono protection service was no longer able to sustain the attack, his website appears to have gone offline. For me this is one of the worst pieces of news to happen to the industry. Having written for 4 websites as a day job, and contributed to many others, I’d like to think that my work exists online as a way for me to mark my own improvements as a writer, but also to refer back to those stories that dominated my time – Conficker, Stuxnet, Flame, Snowden, ebay breach, LulzSec, Anonymous. The list is pretty endless, and at the centre of it not bowing to what the marketeers wanted him to write was Brian Krebs.
His tweet from last night suggested that he was taking time out, I assume this is temporary as he sets up a new domain and transfers some of that excellent content over. I really want to use this blog to get someone to keep Krebs speaking, investigating and writing – the security industry is the better off for people like him and his work, and to have it removed due to a phenomenal attack is a great shame.