Slashdot Mirror

← Back to Stories (view on slashdot.org)

Interviews: Ask Brian Krebs About Security and Cybercrime

Posted by samzenpus on from the go-ahead-and-ask dept.

Brian Krebs got his start as a reporter at The Washington Post and after having his entire network taken down by the Lion Worm, crime and cybersecurity became his focus. In 2005, Krebs started the Security Fix blog and Krebs On Security in 2009, which remains one of the most popular sources of cybercrime and security news. Brian is credited with being the first journalist to report on Stuxnet and one of his investigative series on the McColo botnet is estimated to have led to a 40-70% decline in junk e-mail sent worldwide. Unfortunately for Krebs, he's also well known to criminals. In 2013 he became one of the first journalists to be a victim of Swatting and a few months later a package of heroin was delivered to his home. Brian has agreed to give us some of his time and answer any questions you may have about crime and cybersecurity. As usual, ask as many as you'd like, but please, one per post.

13 of 53 comments (clear)

  1. Cowards as affiliates by japa · · Score: 5, Interesting

    You appear dedicated on continuing reporting on cybercrime, even though it may result to harm you (swatting etc). How often have you come into situation where someone you work with states they don't want to work with you any longer as association to you may result them to being target for criminals or some such?

  2. Long term solutions? by mlts · · Score: 3

    Right now, security is a purely defensive battle, at best we have the enemy at a stalemate, where their attacks are foiled. There is no way to "win", since the attacker usually is located in a country with little to no cyber-crime laws, or even in a hostile country that rewards it. At best, we tread water.

    Would a long term solution be creating private networks like SIPRNet or NIPRNet, so that the barrier for entry is raised, so an attacker has to get onto that private network, and this might be something where physical access is needed. Not 100% secure, but it raises the bar so that attackers have to have "boots on the ground".

    If not, what would be workable, other than just air-gapping as much as possible? Would it be wise for each nation to mimic China and have their own Great Firewall, so attacks have the ability to be be stopped well away from their intended targets?

    1. Re:Long term solutions? by gstoddart · · Score: 3, Interesting

      Awesome, we'll have a bunch of walled gardens, beholden to corporate interests, tightly controlled by governments, and which will still be full of security holes.

      What could possibly go wrong?

      --
      Lost at C:>. Found at C.
    2. Re:Long term solutions? by pseudorand · · Score: 2

      Actually, that solution would work well. The hackers would be the only ones left with true internet access that could get to any host in the world. They'd then sell that access to the public. And once we're their customers, they'd be more reluctant to harm our computers since that would mean we'd use less of the service they're selling. We'd just have to make sure all those independent networks were insecure enough that lots of hackers could break in to all of them, thereby fostering competition and keeping the price reasonable.

  3. Regrets by Anonymous Coward · · Score: 2, Interesting

    Do you regret any of the investigative techniques or decisions you have made over the years in relation to your security reporting?

  4. Public Disclosure by Anonymous Coward · · Score: 5, Interesting

    Brian,

    Are you generally in the Responsible Disclosure camp xor the Full Disclosure camp? And why?
    (I recognize that you may handle this on a case by case basis. In that event, what determines your approach?)

    -Bryant
    a local Washingtonian.

  5. Polls and Video Bytes? by gatzke · · Score: 4, Funny

    Is there any way you could break into Dice servers and move the /. polls back to the sidebar and maybe turn off the Video Bytes (or make it a slashbox?) Alternatively, could you suggest a black or white hat to do this for us?

  6. China by AdamD1 · · Score: 4, Interesting

    Hello Brian. I'm a long time reader and fan.

    I had a question regarding the frequency with which we hear about China being a major source of "state-sponsored" advanced persistent threat (APC) hacking. Many news outlets have referred to "Unit 61398" as a source for much of these attacks and data thefts.

    Should we take Chinese hacks seriously as a threat? Do you feel it's an issue that will ever be resolved?

    Thanks

    ad

    --
    Because I can! [Brainrub.com]
    1. Re:China by amicusNYCL · · Score: 2

      we hear about China being a major source of "state-sponsored" advanced persistent threat (APC)

      APC? Is that Advanced Persistent Chinese?

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
  7. Should We Trust Kaspersky? by Kagato · · Score: 4, Interesting

    As we seem to be heading back down into the familiar territory of the cold war I often wonder if nationalism is something we should consider when thinking about security. For instance I believe that Kaspersky is a very talented company but I can't help but to feel that they would be quite willing to turn a blind eye to malware from their own government. I hear commercials for Kaspersky threat detection software all the time but I would be hard pressed to actually use any of it. It certainly seems China, Russia and parts of Europe are taking country of origin into account when evaluating American security products. Am I wearing a tin-foil hat in feeling we should think twice about trusting Kaspersky?

  8. White vs Grey Hat by Midnight_Falcon · · Score: 2

    Hey Brian,
    I'm wondering what side of the fence you think you are on. Your readership and affilitations seem to be the mainstream "white-hat" security community; but many of your tactics can be described as grey-hat at best -- e.g. doxxing hackers/malware authors/spammers, using social engineering to obtain information, etc. It seems as though this is justified because it is used against targets you perceive as being immoral, unethical, and/or worthy of such intrusion. My question is: do you feel you are a white-hat hacker, or do you think your use of black-hat tactics against black hats makes you something different?

  9. And Hilarity Ensued by sanjacguy · · Score: 3, Interesting

    What's the dumbest thing you've seen black hat hackers do?

  10. Re:Kaspersky by Fortran+IV · · Score: 3, Interesting

    You recently blogged ("Malware Evolution Calls for Actor Attribution") criticizing security companies that don't make the effort to identify the creators of malware. Do you think there are times when a company—such as Kaspersky in their recent attack—could be acting responsibly by deliberately suppressing (temporarily, one would hope) information they might have about the source of an attack?

    --
    I figure by 2030 or so my 6-digit UID will be something to brag about.