Twitter taken down by denial-of-service attack
- — 07 August, 2009 05:24
The Twitter micro-blogging and social networking service was hit with a denial-of-service attack Thursday morning that has rendered the site unavailable for users.
Twitter reported the attack in a post on its blog at about 11 a.m. EDT and is continuing to deal with the problem.
"We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate," the company said in a blog posting by Twitter cofounder Biz Stone.
In a status report about an hour following its acknowledgement of the attack, Twitter reported that the site was back up, but users still were having trouble reaching it.
The site itself was down for about two hours before it resumed service, although Twitter remained under attack and warned users in another status update that as it recovered, users would experience "some longer load times and slowness," as well as network timeouts.
A DoS attack is an attempt to make a Web site or service unavailable to intended users by flooding the service or site with incoming data requests, such as e-mails. Motives for DoS attacks vary, but perpetrators mostly target companies with high-profile, highly trafficked Web sites, and usually there is some kind of financial motivation for the attack.
Graham Cluley, a senior technology consultant with security software vendor Sophos, said it's unlikely money is the motive here, since Twitter does not have much of its own to part with because the business is not yet profitable.
DoS attacks also can be politically motivated, he said, and while some countries' governments don't like Twitter -- notably, Iran -- he doubts the attack is politically motivated. "It's most likely to be a teenager in a back bedroom somewhere showing off," Cluley said.
When a site is hit with a DoS attack, administrators will try to distinguish between valid requests to access the site and malicious ones, and redirect the malicious ones to another domain if possible, he said.
As Twitter's site was up and running a couple of hours after the attack, it's likely the company was able to do this, or the hacker may have simply ended the DoS attack, Clulely said.
Twitter had not yet provided an update on where it thought the attack was coming from or how it was handling the attack as of Thursday afternoon on the U.S. East Coast. The company's public relations team did not immediately respond to a request for comment Thursday.
In just three years, Twitter has become an enormously popular Internet service with about 30 million unique users and counting. In addition to being a social tool for people to share constant status updates about their activities, it also has become a tool for journalists, public relations specialists, businesses and public figures to share information with millions of users.
Like Facebook and Google, Twitter also has become an integral part of U.S. popular culture, with the slang word for posting something on Twitter, "tweet," becoming part of U.S. English vernacular.
Twitter is no stranger to outage problems, although it had been starting to improve its availability level in the past year. According to a report by Pingdom released in February, Twitter recorded 84 hours of downtime in 2008, but 84 percent of that was in the first half of the year.
The site finished 2008 with uptime of 99.04 percent, which still lagged behind other popular social-networking sites like Facebook and MySpace.