Facebook and Twitter were attacked by hackers with denial-of-service attack on August 6. In a denial-of-service attack a Web site or server is bombarded with more traffic than it can handle, effectively causing online congestion. Such attacks are done from multiple computers and usually hackers send malware data to the target site in unison. After initial denial of any such attack, both Facebook and Twitter have now acknowledged attack on their site by denial-of-service attack.
In a blog hosted on an unaffected server, Twitter Co-Founder Biz Stone acknowledged the attack. "Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate," he added.
Twitter had declared their scaling problems in early 2007. And as much as the great Twitter outages of 2007 and 2008 frustrated users, these outages are much more serious. Twitter has come a long way since 2007 as 45 million people worldwide now rely on Twitter as a communication platform. They will have to scale if they really want to be the 'Pulse of the Planet.'
Facebook issued an early statement on its site saying that, "Earlier this morning, Facebook encountered network issues related to an apparent distributed denial-of-service attack that resulted in degraded service for some users. No user data was at risk and we have restored full access to the site for most users. We're continuing to monitor the situation to ensure that users have the fast and reliable experience they've come to expect from Facebook." As compared to Twitter, Facebook and Google were able to minimize any impact to their sites along with sites such as Blogger, YouTube and other Google Sites.
Pingdom, a site that tracks server uptime, states that Twitter was offline for about two and a half hours. Last time, Twitter was down due to unplanned downtime was on May 30 this year due to a software error. Denial-of-service attacks are becoming common nowadays. According to Information week, Gawker Media sites and AT&T were hit with it earlier this week. Last week, Internet Systems Consortium warned that BIND 9, the most common domain name server, contained a vulnerability that could be exploited to crash the server, leading to a denial-of-service. The company said that the vulnerability is actively being exploited and it urged users of the software to update immediately.
Amongst all this commotion an interesting piece of news has emerged. A pro-Georgian blogger with accounts on Twitter, Facebook, LiveJournal and Google's Blogger and YouTube was targeted in a denial-of-service attack that led to the site-wide outage at Twitter and problems at the other sites, according to a Facebook executive. "It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard. We're actively investigating the source of the attacks and we hope to be able to find out the individuals involved in the back end and to take action against them if we can," said Max Kelly, Chief Security Officer at Facebook to CNET. The blogger whose account was attacked uses the account name 'Cyxymu' (the name of a town in the Republic of Georgia). Kelly declined to speculate on whether Russian nationalists were behind the attack.