Twitter down: Denial of service

Denial-of-service attack prevents users from accessing the social network. Facebook and LiveJournal also have outages.

EMAIL  |   PRINT  |   SHARE  |   RSS
 
google my aol my msn my yahoo! netvibes
Paste this link into your favorite RSS desktop reader
See all CNNMoney.com RSS FEEDS (close)
By David Goldman, CNNMoney.com staff writer

twitter_screenshot.03.jpg
Twitter.com was down for a period of about two hours Thursday, and service remains spotty.

NEW YORK (CNNMoney.com) -- Social networking Web site Twitter was unavailable for roughly two hours Thursday morning after being hit by a denial of service attack.

Twitter went down at about 9:30 a.m. ET. It was back up by 11:30 a.m. ET, but access to twitter.com has remained spotty since then, with frequent network timeouts.

A DoS attack occurs when hackers overload a Web site with server requests, preventing legitimate users from accessing the site. People often accomplish the attack by infecting an army of computers with viruses. When the infected computers simultaneously try to access the Web site, the servers cannot keep up.

A similar DoS attack took down blog network Gawker Media from Aug. 1 through Aug. 3, and several U.S. government agencies were hit with a denial of service attack in early July.

How these attacks happen. Computers that do not have the latest security patches are the most prone to viruses, said John Harrison, an analyst at tech security firm Symantec. Though viruses can be downloaded alongside an infected program, the most common form of attack can comes from merely visiting a compromised Web site.

According to Symantec data, there are approximately 808,000 infected domains, including those of several Fortune 100 companies. Two million computers were attacked by viruses in 2008.

Many of these viruses take the form of "botnets," which give the virus creator the ability to control the computers remotely. Some of these networks can grow to as large as 100,000 computers with very little cost to the "bad guys." In 2007, establishing botnet networks cost about $1 per bot, but now that cost is just 4 cents per bot, Harrison said.

Most of the networks use computers to send countless amounts of spam e-mail. Only rarely do network creators launch large denial-of-service attacks, however.

"When you do an attack, you are potentially showing where all of your systems are and can be more easily spotted," said Harrison. "The bad guys are careful about not doing this too much, generally operating below the radar.

Furthermore, denial of service attacks are rare, because hackers make their living on keeping the Internet open for their malicious services. Harrison said when denial of service attacks do occur, it is often when a new hacker is trying to establish credibility or rival hackers are trying to bump each other off the Internet.

Thursday's outage. Twitter allows users to post 140-character messages, and many of the site's users complained Thursday about feeling disconnected from the news of the day while the site was shut down.

"Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users," Twitter Chief Executive Biz Stone told CNNMoney.com in an e-mail.

Stone said Twitter continues to defend against this attack and will continue to update its status blog. He said the company will investigate the source of the attack at a later date.

Though users can now access the site, Twitter noted on its service blog that users will experience some longer load times and slowness as the site works to "get back to 100%."

Stone said Thursday morning's attack was not related to a recent incident in which a hacker stole internal documents from Twitter, which were hosted by Google (GOOG, Fortune 500) via Google Docs.

"It's not related to Google Docs nor is it about compromised data -- it's essentially about maliciously saturating a target with so many external communications requests such that in cannot respond to legitimate requests," Stone said.

Social network Facebook and blog site LiveJournal were also down for a portion of the day. Access has been restored for most users.

"Earlier this morning, we encountered issues within our network that resulted in a short period of degraded site experience for some visitors," a Facebook spokesman said in an e-mail. "No user data was at risk and the matter is now resolved for the majority of users. We're monitoring the situation to ensure that users continue to have the fast and reliable experience they've come to expect from Facebook."

It was not immediately known if the incidents were related. To top of page

Features
They're hiring!These Fortune 100 employers have at least 350 openings each. What are they looking for in a new hire? More
If the Fortune 500 were a country...It would be the world's second-biggest economy. See how big companies' sales stack up against GDP over the past decade. More
Sponsored By:
More Galleries
Most 'one percent' moments of 2014 This year was all about more money, more problems. Here's a look at the trials, tribulations and triumphs of the 1% over the last year. More
6 products to keep the skies friendly Plane travel can be stressful, especially during the holidays. These things can help keep the peace among travelers. More
2014: Helluva good year for stocks The bull market has been going for 2,115 days. If you put you're money in stocks, it's been a very happy year. More
Worry about the hackers you don't know 
Crime syndicates and government organizations pose a much greater cyber threat than renegade hacker groups like Anonymous. Play
GE CEO: Bringing jobs back to the U.S. 
Jeff Immelt says the U.S. is a cost competitive market for advanced manufacturing and that GE is bringing jobs back from Mexico. Play
Hamster wheel and wedgie-powered transit 
Red Bull Creation challenges hackers and engineers to invent new modes of transportation. Play

Most stock quote data provided by BATS. Market indices are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer.

Morningstar: © 2014 Morningstar, Inc. All Rights Reserved.

Factset: FactSet Research Systems Inc. 2014. All rights reserved.

Chicago Mercantile Association: Certain market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved.

Dow Jones: The Dow Jones branded indices are proprietary to and are calculated, distributed and marketed by DJI Opco, a subsidiary of S&P Dow Jones Indices LLC and have been licensed for use to S&P Opco, LLC and CNN. Standard & Poor's and S&P are registered trademarks of Standard & Poor’s Financial Services LLC and Dow Jones is a registered trademark of Dow Jones Trademark Holdings LLC. All content of the Dow Jones branded indices © S&P Dow Jones Indices LLC 2014 and/or its affiliates.