Blogs >> Technology >>
The day Twitter stopped
Of course, it wasn't a full day that the world went without the successful microblogging service (see 'Massive attack' strikes websites). It was just a few - crippling, to some - hours.
But the distributed denial-of-service attack (DDoS) that hobbled Twitter and its 45 million worldwide users - and which also sucked in Facebook and LiveJournal - has security experts baffled and concerned.
"Up is down, left is right and black is white," I was told by Cisco fellow and chief security researcher Patrick Peterson.
"These attacks do not make sense. In the last few years, we have seen the criminals build systems to make money and not get caught.
"Now we see them making a big splash with this attack which is of no benefit. It does not put a single dollar in their pocket and it exposes them to the risk of being caught," said Mr Peterson.
A denial-of-service attack generally works by using hijacked computers or botnets to deluge a site or service with thousands and thousands of requests, overwhelming it and rendering it obsolete.
In the case of Twitter, the New York Times said the perpetrators unleashed a wave of spam e-mail messages which infiltrated the service and other sites.
"It's a vast increase in traffic that creates the denial-of-service," said Bill Woodcock, a research director of Packet Clearing House, a non-profit organisation that tracks internet traffic.
The first DoS attack noted by the Washington Post dates back to over a decade ago.
Wikipedia cites a major hit on domain name servers involving AOL and Register.com in January 2001. The following month, it was the turn of the Irish department of finance, targeted by students.
More recently, the Iranian government was the focus of foreign activists seeking to help the opposition following June's contested presidential elections.
The US government was affected just two months ago, as was Korea.
"If you go hunting, you want to bag the head of the biggest and fiercest beast to show your strength," Mr Peterson told the BBC.
"So ten years ago, we saw the biggest names on the internet like Microsoft, Yahoo and Amazon get attacked because they were the marquee brands of the day. Today, they are going after Twitter and Facebook for the same reason."
But despite these high-profile trophies, Mr Peterson describes denial-of-service as, to all intents and purposes, an outmoded tool in the criminal fraternity.
"You have to be brave or stupid to have attacks this brazen with law enforcement being more active in the realm of cybercrime. There is a serious risk of being caught."
Other industry experts agree.
"Organised crime and other groups have gone off to other things. It's more lucrative for them to use the internet, not to take the internet away," John Harrison of security firm Symantec told CNET.com.
In the blogosphere, some claim that Twitter and Facebook are working together to track down who is behind the attack. Some security experts are also poring through the data. The theories range from a teenager to a Georgian blogger.
For the future, Mr Peterson says the best way to stop a denial-of-service is to employ techniques that alert sites to differences in the way requests are coming in from computers.
"The criminals may have a botnet of around 50,000 to 100,000 infected computers in their control. But there are also 10 to 20 million legitimate users out there and their traffic looks nothing like DoS traffic," explained Mr Peterson.
"If you can get a smart system to detect anomalies, then you can block the DoS bots making 1,000 requests a minute versus one that makes three requests per minute and keep your site online."
However, just blocking access from the IP addresses of offending computers can cause the knock-on problem of blocking legitimate users who do not know that their computer has been compromised.
For Twitter, the implications of the attack are serious.
It wants to be more than a social media brand. It wants to be a communications standard.
And while this has not been seen as a good day for Twitter, it has to ensure such an attack does not overwhelm it next time. Because there will certainly be a next time, says Mr Peterson.
"A few months ago, I would never had predicted anything like this. Denials-of-service were a thing of the past.
"But this is a trend. And I think a lot of people who view DoS attacks as fun will look at all the media attention and it will invite more criminals to try their hand at it," warned Mr Peterson.
|
|
