Attacks on lone blogger reverberate across Web
NEW YORK: The outage that knocked Twitter offline for hours was traced to an attack on a lone blogger in the former Soviet republic of Georgia — but the collateral damage that left millions around the world tweetless showed just how much havoc an isolated cyberdispute can cause.
"It told us how quickly many people really took Twitter into their hearts," Robert Thompson, director of the Center for the Study of Popular Television at Syracuse University, said Friday.
Tens of millions of people have come to rely on social media to express their innermost thoughts and to keep up with world news and celebrity gossip.
Twitter "is one of those little amusements that infiltrated the mass behavior in some significant ways, so that when it went away, a lot of people really noticed it and missed it."
The attacks Thursday also slowed down Facebook and caused problems for the online diary site LiveJournal. But Twitter, the 140-character-or-less messaging site used by celebrities, businesses and even Iranian protesters, suffered a total outage that lasted several hours.
Those attacks continued Friday from thousands of computers pummeling its servers, said Kazuhiro Gomi, chief technology officer for NTT America Enterprise Hosting Services, which hosts Twitter's service.
Twitter crashed because of a denial-of-service attack, in which hackers command scores of computers toward a single site at the same time to prevent legitimate traffic from getting through. The attack was targeted at a blogger who goes by "Cyxymu" — Cyrillic spelling of Sukhumi, a city in the breakaway territory of Abkhazia in Georgia — on several Web sites, including Twitter, Facebook and LiveJournal.
But they could have just as well targeted Twitter itself. That's because the effects were the same whether the excess traffic went to the "twitter.com" home page or to the page for Cyxymu at "twitter.com/cyxymu." Same with Facebook and LiveJournal.
"A denial of service attack like this one is a very blunt instrument," said Ray Dickenson, chief technology officer at Authentium, a computer security firm. It's as if a viewer who didn't like one show on a television channel decided to "knock out the whole station."
Or like fishing with dynamite: You'll catch something, but the blast will kill dolphins, sharks and other organisms, too.
Just who was behind these attacks is not yet clear, but the dispute was probably related to the ongoing political conflict between Russia and Georgia.
Gomi said the attacking computers were located around the world and the source of the attacks was not known.
The attacks seemed to come in two waves.
The first was a spam campaign consisting of e-mails with links back to posts by Cyxymu. This drove some traffic to the blogger's postings on various social-networking sites, possibly to disparage him as the source of the spam.
The second and more destructive phase consisted of the denial-of-service attack, which attacked the sites' servers by sending it lots of junk requests — presumably to prevent people from reading his viewpoints.
It would have been much harder for the perpetrators of the attacks to isolate Cyxymu's accounts on each social-networking site and shut it down. To do that, they would have needed to access his password by guessing it or somehow luring him into giving it out.
The blunt approach was easier — and more damaging.
On Friday, the surge of traffic to Twitter was about as it was Thursday — as much as 20 percent above normal traffic levels. But Gomi said NTT was better able to filter out the fake traffic, which is why Twitter stayed online.
Dickenson said Twitter was more vulnerable than Facebook and other sites because the company's servers are hosted by a single service provider, something larger Web sites tend to avoid as they grow.
Although having several providers is no guarantee of avoiding harm, Dickenson said doing so at least gives the sites more tools and space to work with once they occur.
Craig Labovitz, chief scientist for Arbor Networks, a Chelmsford, Mass.-based network security firm, said Twitter's smaller size also made it more vulnerable.
"Twitter is just apples and oranges compared to Facebook," he said. "Facebook is massive, and they presumably have massive infrastructure backing it."
After the attacks on Twitter started, NTT turned on a technology that protects against denial of service attacks. The problem is it slows down access to the site.
"It's still under attack," he said. "If we turned that stuff off, the Twitter site could go down immediately, to be quite honest."
According to comScore, Twitter had 20.1 million unique visitors in the United States in June, some 34 times the 593,000 a year earlier. This compares with Facebook's 77 million this June, more than double the 37.4 million in the prior year.
The Twitter outage was widely blogged, reported and — once the site was back — tweeted about, but was it really that bad? Or a mere hiccup of the information age?
For people like Lev Ekster, who uses Twitter to keep in touch with customers of his mobile cupcake truck in New York, the outage proved no more than an inconvenience. His event planner, who normally arranges cupcake orders for birthdays and bar mitzvahs, fielded phone calls all day from customers wanting to know the truck's location for the day.
"A temporary outage is not the end of the world," Ekster said. "But if this kept happening, people like myself who rely heavily on Twitter would go elsewhere."
With Twitter not working Thursday, Ekster went to Facebook instead to disclose where the CupCakeStop truck was parked. CupCakeStop has just 1,800 Facebook fans, compared with about 6,000 followers on Twitter, but it was better than nothing. He still sold out of cupcakes by 6 p.m.
As annoying as the Twitter outage may have been for some, it was nothing compared with the havoc that would have resulted from a cell phone service outage.
"A total blackout, even of television, which we consider such a charmingly old-fashioned medium ... would certainly be more massive than Twitter or Facebook," Thompson said. "We haven't gotten to a point where people are dependent on Twitter for crucial things other than reading Twitter."