Skip the navigation
)
News

DDoS attack that downed Twitter also hit Facebook

While Twitter was knocked offline this morning, Facebook fared better against the assault

August 6, 2009 04:06 PM ET

Computerworld - The same denial-of-service attack that took down Twitter this morning also slammed Facebook but with much less dramatic results.

Facebook noted on its site this afternoon that it too was fending off a distributed denial-of-service attack that was slowing its site. Unlike Twitter, which was down for two hours this morning, Facebook remained online.

"You may have had trouble accessing Facebook earlier today because of network issues related to an apparent distributed denial-of-service attack," the company wrote. "We have restored full access for most people. We'll keep monitoring the situation to make sure you have the reliable experience you expect from us."

Web site performance monitor AlertSite reported that Twitter's site wasn't back 100% until 2 p.m. EDT. AlertSite also noted that Facebook appeared to suffer little more than a few sporadic errors. Facebook's availability was at 97% at 10 a.m. when the attack was underway, and it was up to 100% availability soon after that.

While there's little more than online chatter and guesswork about the origins of the attacks, security analysts say the incident raises red flags that two giant Internet companies, like Twitter and Facebook would be hit in the same assault.

Randy Abrams, director of technical education at ESET, an IT security company based in Bratislava, Slovakia, said his best guess is that a major botnet herder was offering a demonstration of the power of his botnet to a potential client with a major target in mind.

"They could have been saying, 'Look what I can do to Twitter. I think my botnet can handle whatever you want it to do,'" said Abrams. "I'd put my money on this being a demonstration, a show of force, by someone looking to hire out their botnet."

Graham Cluley, senior technology consultant for Sophos, told Computerworld that whoever launched the attacks should beware the clout of those he's going after.

"Anything is possible, and we could make guesses like this until the cows come home ... We simply don't have enough information yet to be certain as to what the motivation was," he said. "One thing is certain -- if they did do this as a demonstration of how powerful their botnet is, they've just made themselves some new and angry enemies in the shape of some major Web 2.0 companies. I wouldn't be surprised if the computer crime authorities put some serious effort into trying to track down whoever was responsible. After all, if they can bring down social networking sites they can bring down banking sites."

Cluley also said it's not yet clear why Facebook faired so much better than Twitter. It could have been that the bulk of the assault was aimed at Twitter or that their defenses simply weren't as tough.

The attack against Twitter brought the site down between 9 a.m. and 11 a.m. EDT this morning. This afternoon, the microblogging site was still struggling with slowdowns and interruptions caused by the assault.

"As we recover, users will experience some longer load times and slowness," Twitter reported in its status update at 12:46 p.m. EDT. "This includes timeouts to API clients. We're working to get back to 100% as quickly as we can." The company had not posted another update by 3:30 p.m.

Oddly enough, even though the attack hit both Twitter and Facebook, while Twitter was down, frustrated users vented on Facebook. One Facebook user noted, "Suffering tweet withdrawal."

Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.



What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
Additional Resources
Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Malware and Vulnerabilities White Papers
Practice Management: Double Billing Rate and Improve Patient Services
Would you like to double your billing rate and achieve faster payment for services?

Download this customer success story to see how One Health...
Mission Critical Data Explosion and Customer Case Study
Would you like to double your tier 1 storage capacity while simultaneously reducing your storage footprint?

Download this customer success story to see how...
Protecting Against Database Attacks and Insider Threats: Top 5 Scenarios
Read this new eBook to learn the top five scenarios and essential best practices for preventing database attacks and insider threats.
Database Activity Monitoring Is Evolving
Read the analyst report and learn how you can leverage the core capabilities of a DAP solution for better database security.
Establishing a Strategy for Database Security is No Longer Optional
The options for securing increasingly valuable databases are very broad and deep, and can be confusing. This research provides an overview of three...
All Malware and Vulnerabilities White Papers
Malware and Vulnerabilities Webcasts
Distributed Database Security with Real-time Monitoring
View this demo and learn how IBM InfoSphere Guardium database activity monitoring can help protect your sensitive data in distributed DBMS environments with...
InfoSphere Warehouse Packs Demo
These flash modules make warehousing more tangible and relevant to business users through detailed explanations of the InfoSphere Warehouse Packs.
Delivery Management -- Extending Lifecycle Management
Date: Wednesday, June 20, 2012, 1:00 PM EDT

Siloed organizations continue doing the wrong things and doing things wrong, leading to increased costs,...
Leverage automation today to reduce IT complexity
Date: Tuesday, June 5, 2012, 2:00 PM EDT

Whether your B2B complexity is caused by multiple technologies due to M&A, business or application specific...
Redefine Expectations in the Data Center
Need to do more with less? Watch this video to learn how HP ProLiant Gen8 servers can help your business deploy servers three...
All Malware and Vulnerabilities Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs