Various opinions given on reasons behind the denial-of-service attack on Twitter yesterday

News by Dan Raywood

Claims have been made that the denial-of-service (DoS) attack on Twitter may have been a revenge attack for recent malware filtering.

Claims have been made that the denial-of-service (DoS) attack on Twitter may have been a revenge attack for recent malware filtering.

Twitter co-founder Biz Stone claimed that it was working closely with other companies and services affected by what appears to be a single, massively coordinated attack.

He preferred not to speculate on the reasons for the attack, but was also quick to point out that no user data was compromised in the attack. Stone said: “This activity is about saturating a service with so many requests that it cannot respond to legitimate requests thereby denying service to intended customers or users.

“We've worked hard to achieve technical stability and we're proud of our engineering and operations teams. Nevertheless, today's massive, globally distributed attack was a reminder that there's still lots of work ahead.”

Randy Abrams, director of technical education at ESET, said: “I do not know where the attacks are originating from, or the reason, but it occurs to me there may be hell to pay. So what motives? Perhaps the bad guys are upset that Twitter has recently started filtering URLs in order to cut back on the amount of malware the users experience. Twitter's actions must have hurt the bottom line of some criminal organisations, but there are still other ways thieves can make money and they make none at all if Twitter is down.

“This leads to the thought that either it is a revenge attack by a disgruntled idiot or an attempt to gain fame by a hacker with more technical skills than brains. If it isn't an organised criminal group that is attacking Twitter I would expect the attacker will draw the ire of criminal groups that abuse Twitter for illegal gains. Somebody is hitting the criminal element in the wallet by attacking Twitter.”

Don Leatham, senior director of solutions and strategy at Lumension, claimed that Twitter has aggressively and successfully focused on developing features and building applications to drive user numbers, and it has grown in leaps and bounds internationally, but the DoS attack should highlight that it needs to redirect some of this energy to bolster its core security measures in order to protect its millions of users.

Leatham said: “Increasingly, businesses are adopting Twitter as a core part of their social media and communications strategies, and this incident has the potential to have a negative impact on their brands using Twitter, as it could be seen to be highly vulnerable to malicious attack.

“Obviously, both individual employees and businesses need to take some responsibility when using any online application, including Twitter. The real question here is, ‘is Twitter ready for business primetime?' Its model is more targeted to individual users, and what businesses have to consider before using these applications is ‘where does security sit within the business priority and is it business friendly?'

“Further, Twitter has to adopt a similar approach to how Microsoft deals with vulnerabilities in its software. For example, shutting down and putting out an alert via its communications team, informing users that it is taking precautions until the issue has been resolved. Today, Twitter should have taken more steps to inform and update in order to protect business and consumer users.”

Paul Sop, CTO at Prolexic, believed that any organisation with an online presence is a potential target for DDoS attacks, and high profile brands are often a target simply because they are there – sometimes as target practice for the attackers.

Sop said: “The loss of customer confidence and revenue can be devastating for a business brought down for a significant length of time. It's no use trying to fight the attacks on your own networks; cyber attacks must be fought close to the traffic sources (infected PCs) to allow the website to continue to function.”

Graham Cluley, senior technology consultant at Sophos, likened a DoS attack to ‘15 fat men trying to get through a revolving door at the same time - nothing can move'.

Cluley said: “I wonder how many people thought this morning that their IT department had deliberately blocked Twitter because of concern that staff were wasting too much time tweeting about their first cup of coffee of the day or the latest news about that Vanessa Hudgens picture.

“Don't underestimate the impact an attack like this can have, by the way. Twitter isn't just about meaningless piffle (although there's a fair bit of that). Companies are using it to keep in touch with their customer base, and consumers take advantage of the site's intimacy to get an answer from large companies that are discovering how to have a ‘human face' online.

“The question on my mind is - why would someone want to attack Twitter? I can't imagine it's a commercial competitor of theirs, but it could be someone with a political or financial motivation (blackmail?), or a teenager in a back bedroom with access to an awfully large botnet.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews