Social Media Sneak Attack (UPDATED!)
Posted by Twitter's Tee Morris | Posted in Blogging, Twitter in the News | Posted on 06-08-2009
Tags: Blogging, communications, computers, Denial-of-Service, DoS, Facebook, hack, hackers, LiveJournal, technology, Twitter, Twitter in the News
8
What — a — day.
It all started this morning when, from Twitter Status, this nugget of good news arrived, explaining the odd, intermittent service:
We are defending against a denial-of-service attack, and will update status again shortly.
For those of you (like me) who didn’t know what a Denial-of-Service or DoS Attack was at the beginning of the day, you probably know what it is now. The U.S. Computer Emergency Readiness Team (CERT) defines a DoS Attack as the following:
In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, web sites, online accounts (banking, etc.), or other services that rely on the affected computer.
The most common and obvious type of DoS attack occurs when an attacker “floods” a network with information. When you type a URL for a particular web site into your browser, you are sending a request to that site’s computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can’t process your request. This is a “denial of service” because you can’t access that site.
This attack didn’t stop with Twitter, though, as Wired Magazine gave confirmation that Facebook was also under a DoS attack…
Facebook has confirmed to Wired.com that — like Twitter — it was the victim of a denial-of-service attack Thursday morning.
“Earlier this morning, Facebook encountered network issues related to an apparent distributed denial-of-service attack, that resulted in degraded service for some users,” responded Facebook spokeswoman Kathleen Loughlin via e-mail.
And now from several news sources, Epoch Times cited in this column, the popular blogging site LiveJournal is also being hammered and hammered hard…
Popular blog site LiveJournal also confirmed that it had been hit by a DoS attack. The company said that an attack had occurred at approximately 6 a.m. Pacific time.
The denial-of-service attacks are the latest in a round of such attacks. In July of this year, several websites run by the U.S. government, the New York Stock Exchange and websites in South Korea were taken down by similar attacks. While North Korea was suspected to be involved in those attacks, analysts have indicated in interviews with The Epoch Times that it was most likely the Chinese Communist Party helping North Koreans with the technology to launch the attacks.
In no way am I suggesting that the sky is falling, but I will give a bit of thought to what David Grizzly Smith asked me after my original posting on this morning’s assault on Twitter:
Given the whole thing with #iranelection, think the State Department will investigate the DDoS?
I’m hoping that someone up on Capitol Hill is paying attention. No, I don’t think this is Social Media’s 9-11, but something is most definitely afoot. This isn’t just a fluke happening. To hit Twitter, Facebook, and LiveJournal is impressive in a particularly scary way. It will be some time before the dust clears until we discover the responsible party behind these attacks, but right now we must all remain patient and (above all) calm. The creators and developers of these Social Media outlets are all working to keep their services online. I also have faith that other administrators to other popular sites are preparing for similar attacks. We, as the consumers, must keep our own heads about us and not flip out.
Today’s a weird, weird day…but consider this: Tomorrow’s Friday.
UPDATE
From the Twitter Status blog:
Thursday, 4:14 p.m. Site latency has continued to improve, however some web requests continue to fail. This means that some people may be unable to post or follow from the website.
From the blog comments, Aline sends in word from the New York Times that Google was also hit in the DoS onslaught. The article goes on to comment:
But Bill Woodcock, research director of the Packet Clearing House, a nonprofit technical organization that tracks Internet traffic, said the attack was an extension of the conflict between Russia and Georgia.
It was not clear who initiated the attack, Mr. Woodcock said, but it was likely that “one side put up propaganda, the other side figured this out and is attacking them.” He said he found evidence that the attacks had originated from the Abkhazia region, a territory on the Black Sea disputed between Russia and Georgia.
Twitter is still a tag sluggish (although TweetDeck is running like a champ), but they are online and running. Remember, if your account starts acting squirrely, swing by Twitter Status and see what is going on back aboard the Mothership.
Stumbled too
I’m seriously like a crack whore looking for her next hit. I think I have a problem ….
We need a 12 step program for this, @daNanner. Didn’t someone post a 12 Step Program for Twitter like 12 months ago? That would be funny to surface again.
Just read a NYTimes piece that mentioned Russia and Georgia had something to do with the attacks. And earlier someone mentioned that DefCon was, well, last weekend. This is the same kind of attack many Twitterers were helping out with following the election and giving IP addresses. I’m not worried. It just makes me realize how vulnerable mass communication can be at times.
Here’s a link to the NYTimes article http://tinyurl.com/kmzrvn
And I meant after the Iranian election.
P.S. Tee, like the day/month/year format but at first I thought you were psychic.
Tee, this is definitely a test of trying to knock out social media communications in prelude of another 9/11-type attack. Since the bombing in Bombay earlier this year, it seems to be logically clear (from a tactical/military POV–in fact, even a blind man can see this) that those parties are trying to disable the social media networks, so that when physical attacks do come in the form of hijackings, explosives, chemicals or biological agents, then the twitters of the world will not be available to the citizens to engage in communications to react and organize and recover from such attacks quickly.
Now, does this sound like a gloom-and-doom prediction? No, not at all. Just logical sense, if you have any experience in the military and combat (in fighting an enemy) and are looking at this without your baggage of opinionated and wishful rose-glass thinking, but instead focus on the harsh realities that no one wants to consider and then plan defenses for. Yes, I know that world hunger is a tragedy and that curing it is a noble goal–but the rest of the world that plans and implements physical attacks on innocents lives in reality, not in idealistic noble thoughts.
I agree with one of your thoughts, Tee–not just Capitol Hill, but the PENTAGON must get involved and see this for what it could be … a prelude test to something more ominous.
-(yes, I have been in combat during my life in an unpopular war, and I have fought against a relentless enemy that never played by the “rules” that the US has considered as “fair”–there is no such criteria when dealing with these types of enemies)
Fred…
First, thank you for your service to your country. I’ve said it before — I never stepped up and served. You did. It might have just been a job to you, so thank you.
Second, I found out this morning about Google and that was when I seriously reconsidered my own comment about this being Social Media’s 9-11. I still don’t think it is, but I do agree with you that yesterday’s hack attack could be looked upon as a precursor to a Social Media 9-11. Maybe yesterday could be the equivalent of the 1993 World Trade Center Attack. Reading and re-reading your comment here, I do not find your comment harsh, cold, or ugly. It’s the truth.
A few seasons back on 24, there was a sub-plot that never really went anywhere of terrorists attempting to take down the Internet with a virus that could, essentially, shut it down. All of it. Far-fetched? The way the Internet is designed, it would take a lot to do something like that. I’m sure some people could contest “Tee, that’s impossible…” but let’s face it — did we think it was possible that terrorists would be able to bypass security, hijack four planes, and take down two iconic structures of New York City and a section of the U.S. Military’s central command? (And what would have happened had the fourth flight reached their target?) I know that 24 is the best “SpyFi” out there, but I would also argue that the show is right in one respect: Information will be the next target. Imagine the utter chaos if suddenly people couldn’t tweet, couldn’t send messages via LinkedIn or Facebook, or couldn’t access blogs. Think about that. Consider the world J.C. Hutchins speculated in his 7th Son trilogy and in the Obsidian anthology. Terrorist want chaos and disorganization. Take down our access — or dare I say, dependency — on Information, and watch the mayhem commence.
Yes, I agree — the Administration and the Military should become involved. But I see your cold reality and raise you: With the exception of the White House, the rest of Washington D.C. has a LOT of catching up to do. I work as a freelance consultant in this area, and I have clients that include the U.S. government. There are standards and policies in place that are there to “protect” servers, but these policies are now keeping our government back in the Stone Age. (No kidding — there are offices on Capitol Hill running on DOS.) To best understand technology, you have to use it. The problem with Government 2.0 is the White House is way ahead of the curve, and now higher-up’s and IT “Support” jocks are scratching their heads at Social Media, not wanting to invest time to learning but feeling the pressure from the Commander-in-Chief to get on board. This is the reality of it.
Yesterday was the wake-up call. Let’s hope we do so.
[...] Social Media Sneak Attack (UPDATED!) What — a — day. It all started this morning when, from Twitter Status, this nugget of good news arrived, explaining the odd, intermittent service: We are defending against a denial-of-service… [...]
[...] Social Media Sneak Attack (UPDATED!) What — a — day. It all started this morning when, from Twitter Status, this nugget of good news arrived, explaining the odd, intermittent service: We are defending against a denial-of-service… [...]