💾 Archived View for gmi.noulin.net › mobileNews › 1362.gmi captured on 2023-06-14 at 17:39:52. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-01-29)
-=-=-=-=-=-=-
2009-08-07 09:27:25
High-profile websites including Google, Facebook and Twitter have been targeted
by hackers in what is described as a "massively co-ordinated attack".
Other sites such as the blogging platform Live Journal were also reportedly
targeted.
Twitter was taken offline for more than two hours whilst Facebook's service was
"degraded", according to the firms.
Google said it had defended its sites and was now working with the other firms
to investigate the attack.
"Google systems prevented substantive impact to our services," the company said
in a statement.
The company has not confirmed which services were targeted in the attack, but
it is thought that its e-mail service Gmail and and video site YouTube were
under fire.
"We are aware that a handful of non-Google sites were impacted by [an]...
attack this morning, and are in contact with some affected companies to help
investigate this attack," the company said.
Twitter co-founder Biz Stone wrote on its own blog: "Twitter has been working
closely with other companies and services affected by what appears to be a
single, massively co-ordinated attack."
Those behind this latest attack may be using it as a means of highlighting
the vulnerability of the sites we take for granted.
Graham Cluley, Sophos
He said that the motivation for the attack was unclear and that the company
would "prefer not to speculate".
However, Max Kelly, chief security officer at Facebook, told technology website
CNET News that the attack was a strike targeted at a single user, pro-Georgian
blogger Cyxymu.
"It was a simultaneous attack across a number of properties targeting him to
keep his voice from being heard," he told the website.
Friday marks one year since the outbreak of war between Russia and Georgia.
Writing on his blog, Graham Cluley of security firm Sophos said: "This raises
the astonishing thought that a vendetta against a single user caused Twitter to
crumble, forcing us to ask serious questions about the site's fragility."
Spam attack
The popular sites were subject to a so-called denial-of-service (DOS) attacks
on Thursday, the companies believe.
DOS attacks take various forms but often involve a company's servers being
flooded with data in an effort to disable them.
"Attacks such as this are malicious efforts orchestrated to disrupt and make
unavailable services such as online banks, credit card payment gateways, and in
this case, Twitter for intended customers or users," wrote Mr Stone.
These often use networks of computers - known as botnets -under the control of
hackers.
The strategy is often employed by protestors against, for example, government
websites, said Roger Thompson, chief research officer at security firm AVG.
"Those behind this latest attack may be using it as a means of highlighting the
vulnerability of the sites we take for granted.
"There is no profit to be made from DOS and those who do carry out an attack
like this will lose their botnet, showing there is no gain to be had."
Some unconfirmed reports have suggested that it was not a DOS attack but the
result of a spam campaign containing links to Cyxymu's web pages on the various
affected services.
Archived pages on Cyxymu's blog claim he was victim to this sort of attack,
known as a "Joe Job".
But Mr Cluley said he didn't think that was a likely scenario. "Most people
wouldn't have bothered clicking on the link," he wrote.
"However, I think it is possible that the spam campaign was either run
alongside the denial-of-service from compromised computers around the world, or
that someone who wasn't responsible for the Joe Job decided to wreak revenge on
whoever they believed to have spammed them (and they might have imagined it was
Cyxymu) by launching a DOS from their botnet."
Protest tool
All of the affected services were keen to stress that user's data had not been
put at risk in the attacks.
"Please note that no user data was compromised in this attack," wrote Twitter's
Biz Stone.
"This activity is about saturating a service with so many requests that it
cannot respond to legitimate requests thereby denying service to intended
customers or users."
Twitter has had a meteoric rise since its launch in 2006.
A ComScore study suggests that Twitter had around 45 million users worldwide as
of June 2009.
However, as many users interact with the service through mobile phones or
third-party software, the actual number of users is likely to be higher.
However, that pales in comparison to Facebook, which claims to have 250m active
users worldwide.
Both recently garnered worldwide attention when they were used by Iranians to
co-ordinate demonstrations following the election of Mahmoud Ahmadinejad as
president.
Many protesters believed there was electoral fraud and opposition leader Mir
Hossein Mousavi should have won.
Twitter chose to delay upgrade work during the protests to allow communication
to continue.
In a BBC interview, co-founder Evan Williams denied the move had been a
response to a US state department request.