Brian Krebs

Brian Krebs (born in Alabama in 1972) is an American journalist and investigative reporter. Krebs is the author of KrebsOnSecurity.com, a daily blog on computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for The Washington Post, where he covered tech policy, privacy and computer security, and authored the Security Fix blog [1]

Contents

History

Krebs started his career at The Washington Post in the circulation department. From there obtained a job as a copy aide in the Post newsroom, where he split his time between sorting mail and taking dictation from reporters in the field. Krebs also worked as an editorial aide for the Editorial Department and the Financial Desk. In 1999, Krebs went to work as a staff writer for Newsbytes.com, a technology newswire owned by The Washington Post.

When the Post sold Newsbytes in 2002, Krebs transitioned to Washingtonpost.com in Arlington, VA. as a full-time staff writer. Krebs's stories appeared in both the print edition of the paper and Washingtonpost.com. In 2005, Krebs launched the Security Fix blog, a daily blog centered around computer security, cyber crime and tech policy. In Dec. 2009, Krebs left Washingtonpost.com and launched KrebsOnSecurity.com.

Krebs earned a B.A. in International Relations from George Mason University in 1994.

Career

Most recently, Krebs has focused his reporting on the fallout from the activities of several organized cybercrime groups operating out of Eastern Europe that have stolen tens of millions of dollars from small to mid-sized businesses through online banking fraud[2]. Krebs has written more than 75 stories about small businesses and other organizations that were victims of online banking fraud, an increasingly costly and common form of cybercrime.

He is perhaps best known for a series of investigative stories that culminated in the disconnection or dissolution of several Internet service providers that experts said catered primarily to cyber criminals. In August 2008, a series of articles Krebs wrote for The Washington Post's Security Fix blog led to the unplugging of a Northern California based hosting provider known as Intercage or Atrivo[3].

During that same time, Krebs published a two-part investigation on illicit activity at domain name registrar EstDomains, one of Atrivo's biggest customers, showing that the company's president, Vladimir Tsastsin, recently had been convicted of credit card fraud, forgery and money laundering[4]. Two months later, the Internet Corporation for Assigned Names and Numbers (ICANN), the entity charged with overseeing the domain registration industry, revoked EstDomains' charter, noting that Tsastsin's convictions violated an ICANN policy that prohibits officers of a registrar from having a criminal record[5]. In Nov. 2011, Tsastin and five other men would be arrested by Estonian authorities and charged with running a massive click-fraud operation with the help of the DNS Changer Trojan[6].

In November 2008, Krebs published an investigative series that led to the disconnection of McColo, another Northern California hosting firm that experts said was home to control networks for most of the world's largest botnets[7]. As a result of Krebs' reporting, both of McColo's upstream Internet providers disconnected McColo from the rest of the Internet, causing an immediate and sustained drop in the volume of junk e-mail sent worldwide. Estimates of the amount and duration of the decline in spam due to the McColo takedown vary, from 40 percent to 70 percent, and from a few weeks to several months[8].

More recently, Krebs is credited[9] with being the first journalist to report on the malware that would later become known as Stuxnet[10].

Selected articles from The Washington Post

Awards and recognition

Recent media appearances

Krebs is a frequent speaker on computer security and cybercrime topics. In Oct. 2011, he gave keynote addresses at Govcert.nl in Rotterdam[17]; Secure 2011 in Warsaw, Poland[18]; SecTor 2011, in Toronto, Canada[19]; and FIRST 2011 in Vienna, Austria[20].

References

  1. ^ http://voices.washingtonpost.com/securityfix
  2. ^ http://krebsonsecurity.com/category/smallbizvictim
  3. ^ http://voices.washingtonpost.com/securityfix/2008/08/report_slams_us_host_as_major.html
  4. ^ http://voices.washingtonpost.com/securityfix/2008/09/estdomains_a_sordid_history_an.html
  5. ^ http://voices.washingtonpost.com/securityfix/2008/10/icann_de-accredits_estdomains.html
  6. ^ http://www.justice.gov/usao/nys/vladimirtsastsin.html
  7. ^ http://voices.washingtonpost.com/securityfix/2008/11/major_source_of_online_scams_a.htm
  8. ^ http://cbl.abuseat.org/mccolo.html
  9. ^ //www.vanityfair.com/culture/features/2011/04/stuxnet-201104
  10. ^ http://en.wikipedia.org/wiki/Stuxnet
  11. ^ https://365.rsaconference.com/blogs/security-blogger-meetup/2011/01/10/and-the-winners-are
  12. ^ http://www.sans.org/top-journalists/
  13. ^ ttps://365.rsaconference.com/blogs/security-blogger-meetup/2010/03/04/theyre-all-winners
  14. ^ http://www.cisco.com/en/US/prod/collateral/vpndevc/cisco_2009_asr.pdf
  15. ^ News.com's Blog 100 | CNET News.com
  16. ^ 2004 Cybersecurity Journalism Awards :: CyLab
  17. ^ http://www.govcert.nl/symposium/Symposium+2011/Programme/day1.html
  18. ^ http://www.secure.edu.pl/en/agenda.php
  19. ^ http://sector.ca/schedule.htm
  20. ^ http://conference.first.org/2011/program/index.aspx"

External links