Interview with a fearless cyber crime journalist

Dec 18, 2012 | 6 mins
Cybercrime, Data and Information Security, Hacking

Brian Krebs has single-handedly broken open cyber crime cases, leading to perps' arrest and conviction. Here's his story

Brian Krebs is one of the best cyber crime journalists of his generation. He’s done more investigative reporting on the topic than anyone I know, displaying a deeper understanding of organized cyber criminal gangs than most cyber cops.

Brian has helped take down massive bot nets, tracked cyber crime bosses to their offices, and publicly presented volumes of detailed criminal evidence. He doesn’t just summarize — he shows you figures, links, bank accounts, and emails. Brian’s investigations have taken him to Russia, where he has interviewed surprised criminal masterminds who were arrested weeks later.


The projects that Brian has been a part of have surely prevented tens of thousands of innocent people from becoming victims. Brian’s dedication and willingness to risk his own well-being put him in a class by himself. I think of Brian Krebs as an American hero.

I asked Brian to take a break from his award-winning blog KrebsOnSecurity to respond to a few questions.

Q: How did you get started writing about and investigating cyber crime?

A: The short story is that I started at the Washington Post at the end of 1995, working up from delivering mail to pitching stories to working one of the wire services, Newsbytes, in 1999. I started writing about technology and sometimes computer security.

Along the way I learned how to use Linux, then got hit by the Lion worm. It was my own stupid fault for getting infected, but learning what it did and how it did it got me interested in computer security.

In 2002 or 2003, I started working at, and I started focusing on computer security topics. My editors didn’t always appreciate what I pitched because the topics I wanted to focus on weren’t always the type of stories that editors would traditionally put in a newspaper. But often the topics that I pitched — and they rejected — would end up a few weeks later in other newspapers, like the Wall Street Journal. They began to see the value and gave me my first blog, Security Fix. I loved that. I was able to get out topics I wanted to write about and do it far faster than what could be done in print.

Q: Why did you leave the Washington Post?

A: In 2009, merged with the print newspaper and a bunch of the dot-com people got let go, including me. They wanted me to write about topics that I wasn’t interested in covering, so we went our separate ways. I started my new blog, KrebsOnSecurity, at the end of 2009.

Q: Upon reflection, was it a good decision to leave a highly respected newspaper for the blog world?

A: It’s easily the best thing that ever happened to me. It gave me freedom. Besides allowing me to write about the topics I want to write about, it allows me to write about things when they are ready. My blog gives me the time to devote to a story. I have the luxury of being able to sit on a story to learn more and develop it more. I don’t have to write two, three, or four stories a day, on topics picked by someone else, like some other reporters have to. I can take my time and dig deeper. I can do original reporting.

Q: How did you start getting into the Russian-organized cyber crime?

A: That’s where the type of crime I like to investigate often intersects. I started investigating the Russian Business Network and moved out from there. I realized that most of the major cyber crime is done by a few hundred people, many of them Russian. A few hundred people produce the malware, provide the services, and so on. There are lots of wannabes and posers, but the guys who are the glue for the community are a far smaller, more elite group. I thought it would be interesting to learn and isolate who some of the major players are, so I discovered some of the places and platforms where they hang out. I got tired of using translation services, and I’ve always had a fascination with foreign languages, so I started to teach myself Russian.

Q: How do you go to Russia, investigate syndicate crime bosses, meet them in person on their own turf, and not get killed?

A: (laughs) I certainly don’t think what I do is something that would get me killed and I don’t want to become a target. But if there is a strategy, it’s that I didn’t tell anyone I was going to Russia. I certainly surprised the people that I went to see. If they had known I was coming maybe they would not have met with me. Surprise is a nice tool to be able to use. I had a little despair when I first got to Russia, in St. Petersburg. I had a Google alert for my name on various Russian cyber crime sites, and on some Russian blog, there was a posting telling everyone that I was there and what hotel I was staying in.

Q: What is the biggest roadblock to shutting down organized cyber crime?

A: Corruption. As long as the level of corruption is what it is, it will be difficult. For example, in this one case it was clear that the individuals involved, who were about to be arrested, were given the heads-up by the law enforcement authorities, because they all slipped out of the country when the searches for them went down. The law enforcement guys have their work cut out for them. Tracking and proving financial cyber crime is hard. It’s far easier for them to convict child pornographers.

Q: Your website is often hit by denial-of-service attacks. How is that going?

A: Better. I have the services of [a well known anti-DDoS vendor] and that seems to be helping. I used to be attacked at least once a week. Now it’s less.

Q: What’s next for Brian Krebs?

A: I’m writing a book. I’ve got 60,000 words done. I’ve been working on it for two years, mostly research time.

Q: Do you want to share the name?

A: No.

Q: Surprise is a theme, I see. Well, thanks for talking to us today, and keep up the good fight!

This story, “Interview with a fearless cyber crime journalist,” was originally published at Keep up on the latest developments in network security and read more of Roger Grimes’ Security Adviser blog at For the latest business technology news, follow on Twitter.


Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.
