Update: Twitter limps back to life after DDoS attack
Microblogging site still slow after assault paralyzed it for hours
Computerworld - After being knocked offline for about two hours this morning, Twitter warned users that its site still wasn't fully back up to speed.
Twitter went down around 9:05 a.m. ET, according to figures from AlertSite, which tracks Web site performance. The company also noted that Twitter started to come back online around 11 a.m. but only had 40% availability at that time. The microblogging site was more fully operational by 11:30 a.m.
Twitter confirmed this morning that the site had been taken down by a distributed denial-of-service (DDoS) attack.
"As we recover, users will experience some longer load times and slowness," Twitter reported in its status update. "This includes timeouts to API clients. We're working to get back to 100% as quickly as we can."
Twitter had noted the attack earlier in the day and said at the time that it was trying to defend itself.
Twitter co-founder Biz Stone showed his frustration with the situation in a tweet posted late this morning. "We had a lot of things we'd rather be doing this morning, defending against a DoS wasn't one of them," he wrote.
The outage left millions of Twitterers adrift this morning, with many taking to Facebook to voice their frustrations about not being able to post tweets or follow others. One Facebook user noted, "Suffering tweet withdrawal."
A distributed denial of service attack occurs when computers flood a Web site with requests for information -- effectively shutting it off from other legitimate traffic.
"It's a bit like 15 fat men trying to get through a revolving door at the same time -- nothing can move," said Graham Cluley, a senior technology consultant for Sophos, in a blog post. "Don't underestimate the impact an attack like this can have, by the way. Twitter isn't just about meaningless piffle, although there's a fair bit of that. Companies are using it to keep in touch with their customer base, and consumers take advantage of the site's intimacy to get an answer from large companies that are discovering how to have a 'human face' online."
Ken van Wyk, principal consultant at KRvW Associates and a columnist for Computerworld, noted that major Web sites are frequently hit with DDoS attacks but they rarely result in total outages.
"Most sites grow to a level of resiliency that is quite good, although certainly not perfect," said van Wyk, adding that the attacks are tough to defend against. "At some level, they're impossible. Although TCP/IP and our modern networks are pretty robust operationally, overwhelming a data pipe with vast amounts of data can still be an effective denial-of-service attack.
"Very large enterprises are quite good at getting huge data pipes and distributing their processing at geographically -- including network geography -- disperse locations," he said. "These things all make DDoS more difficult to accomplish, but not impossible."
- 5 Twitter clients for Linux
- Twitter brings the data back in-house with Gnip buy
- Twitter crashed -- again -- on Tuesday
- Twitter's slipping user growth spooks investors
- Get ready to tweet your questions for Twitter's first earnings call
- Super Bowl sets Twitter record, as Volkswagen launches social war room
- Perspective: Twitter's success opens up IPO pipeline
- Update: Twitter goes public at $45 a share
- With IPO cash influx, Twitter could be bigger threat to Facebook
- Ahead of IPO, Twitter shines up multimedia image
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts