Twitter (and Facebook) Under Attack! (UPDATED POST)
Posted by Twitter's Tee Morris | Posted in Blogging, Twitter in the News | Posted on 06-08-2009
Tags: attack, DoS, hackers, hacking, hacks, information, research, security, status, Twitter
6
Talk about a tough way to start a day.
From Twitter Status comes this nuggest of good news:
We are defending against a denial-of-service attack, and will update status again shortly.
Okay, that doesn’t sound good.
What exactly is a Denial-of-Service or DoS Attack? Heck — I’d never heard of it and I’m a geek, passionate about his Social Media. So, I turned to Google and started the research. In a nutshell, it’s bad. REALLY bad. From the files of U.S. Computer Emergency Readiness Team (CERT) comes a definition of what a DoS Attack is all about:
In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, web sites, online accounts (banking, etc.), or other services that rely on the affected computer.
The most common and obvious type of DoS attack occurs when an attacker “floods” a network with information. When you type a URL for a particular web site into your browser, you are sending a request to that site’s computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can’t process your request. This is a “denial of service” because you can’t access that site.
So yeah. This is bad.
Right now, according to Twitter, they are back online and picking up the pieces of this malicious assault on their servers; so if you feel like coming on to the network and complaining about them, think twice. As I mentioned last night (and probably will, again, in an upcoming interview), Twitter has been growing like Kutzu on steroids, and trying to come up with adequate security is an ongoing challenge. I applaud them for keeping us all in the loop and for handling this as well as they have, but sadly this is a reminder of how their security should become an issue of highest priority.
I’ll have more information here as the day progresses, but remember you can keep tabs on Twitter’s Status by clicking here. See you all on the tweet side.
UPDATE at 3:14pm EST
Doesn’t look like Twitter is the only one getting slammed by hackers. From Wired Magazine comes confirmation that Facebook is also under a DoS attack:
Facebook has confirmed to Wired.com that — like Twitter — it was the victim of a denial-of-service attack Thursday morning.
“Earlier this morning, Facebook encountered network issues related to an apparent distributed denial-of-service attack, that resulted in degraded service for some users,” responded Facebook spokeswoman Kathleen Loughlin via e-mail.
Facebook seems to be weathering the storm, but Fan Pages have been reported offline and their response time on other pages slow. Twitter has been on and off, and some folks in my networks have been voicing their ire abut their inconsistency. Remember that while, yes, Twitter is awesome, it is also dealing with people today that are not-so-awesome and are making life in 140-characters-or-less close-to-near impossible. Be patient with Twitter. It’s not going anywhere, but it is getting hammered by hackers today.
Thanks for the info… I had looked but hadn’t found anything, so this is doubly appreciated.
Just because I like being a pain in the arse from time to time –
Why did you Tweet a link to this blog post while Twitter was OFFLINE because of the Denial of Service Attack? Who was going to see it? LOL
Remember, I luvs ya, dude.
– Orion
It’s an automatic function, but I retweeted my link to here after we got service so people knew what was going on.
And yes, I also did this in order to increase exposure of the blog. It’s still new, so come on, Orion, work with me! *LOL*
From Twitter Status, they report:
I have noticed somewhat sporadic service, so I think today is going to be a long day on Twitter.
Ooo Automatic function you say? I like the sound of that and will have to investigate further and at it to my blogs and sites. You’ve been a great person to follow. I have been and always shall be — well you know the rest!!
– Orion
August, 07 2009 and laughing out loud at your sense of humor about Twitter being down on August 6th, with your repetitios tweet that “OMIGAWDTWITTERISDOWN! OMIGAWDTWITTERISDOWN! “. Being brand new to Twitter, my first response to not being able to login was, oh no, what did I do wrong. Have they blocked me somehow, what did I do/say? Made me feel like a medieval serf. So thanks for that tweet that helped me to put this all into perspective. This is a fascinating learning experience for this Boomer of 62 years.
I noticed you mentioned me in the first Birdhouse Rules. I feel like a big celebrity now!
You actually “misspelled” @grizzlysgrowls, my Twitter handle. Didn’t know you could misspell on a podcast. But you were always a bold explorer of possibilities.
Turned out, according to some sources, the DDOS on Twitter was part of an attack on one particular individual who happened to be using the different outlets attacked. So I was wrong. But it was something similar, an attack by electronic “weapons of mass destruction,” or at least a terroristic attack.
I say terroristic not to be inflammatory — the attack was on a large number of people, and it was intended to threaten on a large scale to change behavior, and most of those attacked weren’t even doing what they were being attacked for, innocent bystanders, collateral damage. These are core characteristics of any terroristic attack.
It wasn’t driven by #iranelection, but it was politically motivated. So my knee-jerk reaction about the nature of the attack was accurate. Just blamed or credited the wrong perp.
Luckily, I only use my powers for Good.
Griz