Friday, August 7, 2009

Hackers Strike Twitter, Cyberculturalist

Twitter, Facebook, Live Journal, and Google were among the websites affected yesterday in what experts are calling a "massively coordinated" attack which affected operations at many of the websites.

Twitter was offline for around two hours during the height of the attack Thursday morning, while Facebook experienced intermittent connectivity issues. Google confirmed that some non-Google (but Google-owned) sites were attacked, but said Google systems were able to defend them. Though not identified by spokespersons, YouTube and Gmail are thought to have been targets. Google confirmed that it was speaking to these sites as part of an investigation.

Twitter said it was the victim of a DoS (Denial of Service) attack, which disabled the site for about two hours. Denial of Service attacks are very basic "hacks," in which attackers send a flood of requests to a site. The site is unable to determine which requests are legitimate and which are part of the attack, and attempts to respond to all of them, resulting in the system being overburdened and effectively stagnated.

The specifics of a DoS attack are manifold, but are generally nothing more than pings from many systems at once. Many times, the attack is initiated by a user who already has a botnet in place. And while DOS attacks can be used to shutdown online banks, disrupt credit card services, and upset timely events (such as contests or sales), there is no way to "gain a profit" from them. Furthermore, the botnet is almost invariably lost afterward, meaning there is very little to gain from a DOS attack. The whole thing has people everywhere scratching their heads.

While the hacker(s) remain unidentified, some believe growing tensions between Russia and the Russian state of Georgia are at the center of the imbroglio. In fact, it has been suggested that the entire assault may have been aimed at a single user: pro-Georgian blogger, Cyxymu. While others say this seems unlikely, it was Max Kelly, head of security at Facebook, who first suggested the attacks were an attempt "to keep his voice from being heard."

Older posts on Cyxymu's blog suggest that this is not the first time he has been the victim of such a "Joe job." But few experts believe the entire attack was aimed at him, even if portions of it were. It's possible other campaigns were run alongside the DOS offensive and/or that certain factions attempted to exact "revenge" on those thought responsible, which could have included Cyxymu.

© C Harris Lynn, 2009

No comments: