How Twitter was Brought Down in August 2009

The Day a Denial-of-Service Attack Took Livejournal and Twitter Down

Aug 9, 2009 Nick Bryan

On a Thursday in August 2009, several popular social networking sites were knocked offline. Later, security experts ask if the attack was aimed to silence one man.

The attack on the sixth of August took Twitter offline completely, and left it struggling to regain full functionality in the days that followed. Blogging service Livejournal was also knocked offline, and Facebook had its functionality impaired, although it remained available to users.

It was the effect on Twitter which attracted the most attention, as the micro-blogging site has experienced phenomenal growth in recent months, and overcome a previous record of unreliability to provide a stable service.

The constant online stream-of-consciousness available via Twitter had become a regular backdrop to online life, and although basic service was restored in a matter of hours, it has left questions about the ability of Twitter to provide the constant up-to-the-minute internet communication to which they seem to aspire.

The Nature of the Denial-of-Service Attack

After the initial outage, the problem was soon declared on Twitter’s own service status blog to be an “ongoing denial-of-service” attack. It was later reported on news sites to be a DDoS (Distributed Denial of Service) attack, where the target server is bombarded with information requests over a very short space of time, overloading it and rendering it unable to continue functioning.

Such vast increases in traffic can be generated by hijacking many computers to generate a bombardment in the required direction at the same time as many others. This can be done without the awareness of the computer’s user, which makes it harder to defend the attack, as to simply block all the sources could deny access to legitimate customers.

Cisco security researcher Patrick Peterson, speaking to the BBC dot.life blog on Friday 7th August, expressed his surprise at the nature of this attack, saying “denials-of-service were things of the past”, and remarking that this kind of attack, on a popular site such as Twitter, is “of no benefit” to the attacker, as “it does not put a single dollar in their pocket, and it exposes them to the risk of being caught”.

Who was Responsible for the Attack?

Since the outage, speculation has taken place about those behind the attack. Widely read technology blog TechCrunch started quickly on the day of the attack in a piece headed "DDoS Attacks Crush Twitter, Hobble Facebook", remarking that Twitter and Facebook would be looking to “figure out exactly which 15 year olds are responsible for organizing the attack”.

It’s certainly the case that previous internet attacks have been traced back to nothing more than bored teenagers, often organised via message boards such as 4chan, but other theories are also circulating.

A blogger with the alias ‘Cyxymu’ from Tibilise, Georgia, has said that he believed the attack was aimed at him personally, perhaps co-ordinated by the Russian state. He has written about the conflict between Russia and Georgia, in a manner often critical of Russian involvement.

Facebook’s Chief Security Officer, Max Kelly, confirmed to CNET news later on the day of the outage, in the article "Twitter, Facebook Attack Targeted One User", that the attack was focused on the pages owned by ‘Cyxymu’, and the massive amount of traffic on his page then caused the subsequent ill effects across the rest of the site. He also had pages on the Twitter and Livejournal sites, and this may have been an effort to force the services to drop his pages due to excessive bandwidth use.

Graham Cluely, a senior technology consultant at internet security company Sophos, commented in the 8th August Globe And Mail article "Cyberwar blamed for Twitter crash" that someone had “taken a real offence” at these blogs and “had a vendetta” against the author, based on spam messages which attempted to redirect users to his pages. However, Mr Cluely did not go as far as to say the entire Denial-of-Service attack was aimed at taking his work offline, commenting that this would be “like using a sledgehammer to crack a peanut”.

The true origin of this attack remains unconfirmed for now, but Patrick Peterson added to the BBC that he expects to see more Denial-of-Service attacks in the future, as the media attention will “invite more criminals to try their hand at it”.

The copyright of the article How Twitter was Brought Down in August 2009 in Internet is owned by Nick Bryan. Permission to republish How Twitter was Brought Down in August 2009 in print or online must be granted by the author in writing.
The Twitter Crash that Left Users Stranded, Andy Melton The Twitter Crash that Left Users Stranded
   
What do you think about this article?
NOTE: Because you are not a Suite101 member, your comment will be moderated before it is viewable.
post your comment
What is 7+3?