Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Twitter, Facebook and LiveJournal were all hit late last night (AEST), with Twitter suffering the worst problems after losing its service for over three hours. Facebook users suffered some problems loading their pages and LiveJournal members lost contact with the site for around an hour.
“Over the last few hours, Twitter has been working closely with other companies and services affected by what appears to be a single, massively coordinated attack. As to the motivation behind this event, we prefer not to speculate,” said the company on its blog.
“Please note that no user data was compromised in this attack. This activity is about saturating a service with so many requests that it cannot respond to legitimate requests thereby denying service to intended customers or users.”
DDoS attacks occur when large number of infected PCs send huge numbers of requests to the target site. The sheer volume of access requests overloads the servers that host the site and causes it to be shut down.
“It's a bit like 15 fat men trying to get through a revolving door at the same time - nothing can move,” said Graham Cluley, senior technology consultant at Sophos.
“Don't underestimate the impact an attack like this can have, by the way. Twitter isn't just about meaningless piffle (although there's a fair bit of that). Companies are using it to keep in touch with their customer base, and consumers take advantage of the site's intimacy to get an answer from large companies that are discovering how to have a "human face" online.”
DDoS attacks are nothing new but the shutdown has raised questions as to how much social networking companies are doing to protect their sites and those who use them.
Financial and betting firms have long been targets for such attacks and have invested millions in setting up sophisticated blocking mechanisms that can lock out computers trying to take part in DDoS attacks, but it appears Twitter and others have yet to make that investment.
“This DDoS attack should highlight to Twitter that it needs to redirect some of this energy to bolster its core security measures in order to protect its millions of users,” said Don Leatham, senior director of solutions and strategy for security vendor Lumension.
“Increasingly, businesses are adopting Twitter as a core part of their social media and communications strategies, and this incident has the potential to have a negative impact on their brands using Twitter, as it could be seen to be highly vulnerable to malicious attack.”
“Obviously, both individual employees and businesses need to take some responsibility when using any online application, including Twitter. The real question here is, ‘is Twitter ready for business primetime?’”
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.