Posted by John Kindervag on August 7, 2009
My BlackBerry battery died more quickly than usual yesterday as I received a wave of calls from reporters wondering about the denial of service (DoS) attacks against Facebook, Twitter, and other social networking sites. It seems many people are not aware of the long and storied history of denial of service attacks and this is their first personal experience with DoS. These types of DoS attacks have been around since the creation of the public Internet. A 15 year old named Mafiaboy famously brought down many of the top Websites of the day at the beginning of this millennium using similar techniques.
It appears that yesterday's attack was a distributed denial of service (DDoS) attack where a large number of hosts controlled by the same attackers were used to launch a coordinated attack against social networks. Over the course of the next few days and weeks we should see some more detailed information about the anatomy of this attack, but for now blame has been spread all across the usual suspects. Will we ever know who was behind this? Probably not. Mafiaboy was caught because he bragged about his exploits in Internet chat rooms. If the Twitter attackers stay quiet, they will be hard to find.
The good news is that this really didn't disrupt business or cause damage to sensitive data. It was merely an inconvenience. In fact it would have gone unnoticed like the thousands of DoS attacks before it if Twitter and Facebook weren't the flavors of the month. Things could've been worse. Banks, eCommerce sites or credit card networks could have been targeted. Real money could've been lost. Hopefully this is a wakeup call to organizations that they need to take proactive measures to protect their networks from all types of attacks.
[Posted by John Kindervag]