Twitter has become the target of a denial of service attack, and the popular micro-blogging service temporarily went offline on Thursday.
“We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate,” read a notice posted to theTwitter web site.
The service has been hit by a series of security glitches of late. Notably, the accounts of several well-known Twitter users were hacked or compromised in January, and then again in May and June.
Last month Sophos warned that Web 2.0 companies like Twitter are concentrating on growing their customer bases at the expense of properly protecting users from internet threats, after the company reported a quarter of organisations have been exposed to spam, phishing or malware attacks via sites such as Twitter, Facebook, LinkedIn and MySpace.
Earlier this week security software house F-Secure revealed that Twitter had begun to take security a little more seriously and was starting to block links to malicious sites when users try to post them.
Twitter returned to action on Thursday evening (UK time). Although service was still patchy for some users as the servers to time to fully recover.
Reports later emerged that Facebook, blogging service LiveJournal and Google had also been the victim of DoS attacks, although the search giant claims it was able to fend off any disruption to its service.
“Over the last few hours, Twitter has been working closely with other companies and services affected by what appears to be a single, massively coordinated attack. As to the motivation behind this event, we prefer not to speculate,” said Twitter founder Biz Stone on the company’s blog.
However, it has been claimed that the attacks were targeted at an anti-Russian blogger known as Cyxymu. Facebook’s Chief Security Officer Max Kelly claimed that the DoS attack was an attempt to silence the blogger in the run up to the anniversary of the Georgian invasion of South Ossetia, which instigated the Russia-Georgia was last August.
Cyxymu, who is from Tbilisi, Georgia, has accounts on Twitter, Facebook, LiveJournal as well as Blogger and YouTube, both owned by Google. “This raises the astonishing thought that a vendetta against a single user caused Twitter to crumble, forcing us to ask serious questions about the site’s fragility,” Graham Cluley from security firm Sophos said on his blog.
According to reports, spasm emails were sent out containing links to Cyxymu’s various social networking sites. Users clicking on the links contributed to the DoS attacks. However, this theory is unlikely, according to Cluley, who said that most people would correctly believe the emails were spam and ignore them.
“I think it is possible that the spam campaign was either run alongside the denial-of-service from compromised computers around the world, or that someone who wasn’t responsible for the Joe Job decided to wreak revenge on whoever they believed to have spammed them (and they might have imagined it was Cyxymu) by launching a DDoS from their botnet,” Cluley said.
Denial of Service attacks occur when a huge number of compromised PCs send requests to a specific site. The site’s servers fail to keep up with the requests and the site falls over. “It’s a bit like 15 fat men trying to get through a revolving door at the same time – nothing can move,” said Cluley.
