DDoS Attacks Thursday Morning
When the usual sites I check every morning were down the first time I checked them Thursday morning, I shrugged, thinking that the storm the night before had somehow messed up the DSL connection at the office, as bad storms occasionally did.
Then I noticed that those same sites weren’t pulling up on my BlackBerry and that other sites were operating just fine, though, with a few exceptions, the sites affected seemed entirely unrelated.
Turns out there was a pretty widespread DDoS attack (that is, a Distributed Denial-of-Service attack) that seemed to be specifically targeting social networking sites like Twitter and Facebook, and successfully took down Facebook for a short while during the morning and Twitter for most of the day. Unfortunately, the general overloading of networks was enough to cause difficulties on some completely unrelated sites.
That’s fine, I can do without Twitter for a day, and I don’t bother with Facebook, but it is worrying. If an attack is able to do this to big-name but relatively unimportant sites like Facebook and Twitter, what’s to keep attackers from targeting financial websites and banking institutions? The network infrastructure of the US was, for the most part, built to withstand traffic that is less than a tenth of what it now is forced to support, and while banks and high-security networks are built to withstand hacking attempts and attacks intended to steal information, most are not equipped to deal with the pure server overload that is the typical DDoS attack.
If someone can shut down Facebook and Twitter so successfully and for so long just by overloading their servers with traffic, how long will it be before they can shut down something much more important?

The botnets used for these are available to rent. Russians rented them not that long ago to successfully disable the Georgian (country) military when they invaded last year. http://blogs.zdnet.com/security/?p=1670 Interestingly, all this is about a user in the same country with accounts at Facebook, Twitter, and other sites. http://news.zdnet.com/2100-9595_22-329643.html
Both Facebook and Twitter were a little flaky during the Inauguration back in January. That was because normal users flooded the services for an event they were prepared to handle. DDoSes send so much traffic no site can handle it without having significant capacity over normal. The usual trick is to change the IP where your site usually listens so the DDoS traffic attacks something other than you.