
Twitter Attack: What Was The Motive?

By Andrew R Hickey, CRN August 07, 2009
Twitter and other social networking sites are back in working order following yesterday's massive distributed denial-of-service (DDoS) attack that took them down for a couple of hours.

And now that the initial panic over a world without Twitter has waned, it's time to start pointing the finger of blame and pontificating on the motive. What would drive someone to disable Twitter and render it unusable for its tens of millions of members?

That's a tricky question. First, let's break down what a distributed denial-of-service (DDoS) attack entails. Essentially, a DDoS attack occurs when an attacker or attackers slam a domain with more requests than it can possibly handle, shutting it down. The traffic can take the form of automated e-mail sent to slam servers. Basically, the server is receiving so much traffic that it can do nothing else. In Twitter's case, the social media site and its brethren, Facebook, LiveJournal and some Google sites, were bombarded with pummeling waves of spam e-mail let loose by botnets. The barrage ultimately caused the sites to crash, leaving more than 45 million users in the dark.

So what was behind the DDoS attack against Twitter? Typically, attacks of this nature are for financial gain, but security analysts have said they can perceive no monetary benefit from shutting down Twitter; unless someone was paid to do it, of course.

"There's not much financial gain doing this," John Harrison, group product manager for Symantec's security technology and response, told Channelweb.com Thursday.

Maybe it was so a hacker could hone his skill, or as a practice run for a bigger, possibly financially rewarding job. At least that's what Paul Sop, CTO for anti-DDoS company Prolexic, told Wired.

"High profile brands are often a target simply because they are there -- sometimes as target practice for the attackers," Sop told Wired in an e-mail.

There's even a theory floating around that Twitter was downed by a politically motivated DDoS attack intended to silence one specific user from getting his message to the masses. A Georgian blogger, who uses the handle "Cyxymu," with accounts on Twitter, Facebook, LiveJournal, Google Blogger and YouTube, is said to have been the single target of the attack, a Facebook executive told CNET News.

"It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard," Facebook Chief Security Officer Max Kelly told CNET. "We're actively investigating the source of the attacks and we hope to be able to find out the individuals involved in the back end and to take action against them if we can."

Sounds like a heck of a lot of trouble to go through to keep one person from publishing a microblog that would likely only be seen by his own followers, but whatever works, I guess.

Me, I'm going with bragging rights.

Remember back when hacks and attacks weren't just about the money? When hacking was, for lack of a better word, pure? Hackers launched attacks and sneaked into areas they weren't supposed to so they could say they did it. It was a virtual insult to the world. Hackers would become known for their high-profile attacks, reliving it like a high school athlete recounts the big game: "Remember when I took down such-and-such Web site for five hours and they lost millions of dollars? That was awesome." Those were the days, when attackers wanted nothing more than bragging rights and a few headlines.

Still, there are a host of other theories about the motive behind yesterday's Twitter takedown.

"I think it was a vigilante," Roger Thompson, chief research officer at AVG Technologies, told Computer World, "who wants to call attention to the danger of botnets."

One more possible motive is that the hacking community just hates Twitter and wants it to go away.

"If you monitor the hacking forums, it's clear they're pissed at Twitter," Richard Stiennon, founder of IT-Harvest, a security research firm, told Computer World. "Twitter came out of nowhere. Hackers hated that. They'd been using forums and IRC to communicate, and all of a sudden, the rest of the world has their own thing in Twitter."

Stiennon added: "They look at Twitter and think, 'there goes the neighborhood.' So they wanted to demonstrate that they could take it down and generate news at the same time."

Regardless of the motive, the probe into the biggest social media attack yet will continue, and for now Twitter, Facebook, LiveJournal and all the rest are back up and running.

Stefanie Hoffman contributed to this story.

