Twitter, Facebook hit by denial-of-service attacks |
 |
By SearchSecurity.com Staff
06 Aug 2009 | SearchSecurity.com |
|
|
Twitter was shut down by a denial-of-service attack for at least two hours this morning. The site was back up shortly before noon EDT.
Facebook also confirmed it was hit by a DoS attack, but remained up despite some impact on service.
Based on Twitter status postings, the site went down around 9 a.m. EDT. The initial message said the site was down and was investigating the cause of the Twitter attack. That posting was updated to say Twitter was defending against a DoS attack.
The most recent update said the site was but "we are continuing to defend against and recover from this attack."
The motives behind the attacks weren't readily apparent.
"Most attacks are for fame and fortune," said Kevin Haley, director Symantec Security Response. "One of the first things Conficker did was to monetize by downloading rogue antivirus programs. The Dozer attacks [Dos attacks against government and commercial sites in the U.S. and South Korea] r moved from fame to fortune."
Haley said it's too soon to tell if the Twitter and Facebook attacks came from the same source, or why Twitter shut down while Facebook was merely impaired. In any case, he said it underscores the need for organizations to protect themselves by taking basic precautions, working with their ISPs in terms of limiting traffic and setting filters to drop packets that are characteristics of a DoS attack. and, of course, he recommended end users keep their desktop protection up-to-date to avoid bot infections.
"On this otherwise happy Thursday morning, Twitter is the target of a denial of service attack," Twitter co-founder Biz Stone wrote on the company blog page. "Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users.
"We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate."
"Earlier this morning, Facebook encountered network issues related to an apparent distributed denial of service attack, that resulted in degraded service for some users," Facebook said in statement issued Thursday.
" No user data was at risk and we have restored full access to the site for most users. We're continuing to monitor the situation to ensure that users have the fast and reliable experience they've come to expect from Facebook."
Twitter, the enormously popular social networking website has been the target of a number of attacks against users. Spam bots, for example, have been used to generate Tweets from phony accounts, and URL-shortener attacks have been used to redirect users to malicious Web sites. Twitter and Facebook users have been targeted by numerous phishing and social engineering scams.
|
|
|
|
