Twitter still struggling to recover from DOS attack
The DOS (denial-of-service) attack that crippled Twitter on Thursday is still affecting the micro-blogging service on Friday, the company said in a blog post.
Specifically, Twitter has had to take defensive actions that are preventing some third-party Twitter applications from communicating with the company’s API (application programming interface).
In addition, many users can’t post Twitter messages via SMS (Short Message Service), as Twitter continues to defend itself against the attack, which the company described as “ongoing” in the blog.
“Due to defensive measures we’ve taken against the ongoing denial-of-service attack, some Twitter clients are unable to communicate with our API, and many users are unable to tweet via SMS,” reads the blog post. “We are working as quickly as possible to restore our full service.”
In another update posted later at around 2 p.m. Eastern Time on Friday, this time in the company’s main blog, Twitter cofounder Biz Stone called the situation an “adventure” and said the company has faced a variety of attacks over the past 24 hours that change “in nature and intensity.”
Stone also reiterated that the attack is still ongoing, but that no data or personal information “of any kind” has been compromised.
The company is still working to restore access to third-party Twitter applications affected by the “defensive measures” taken by the company, which Stone acknowledged resulted in “overcompensation on our part.” He didn’t mention whether the problem with posting via SMS has been resolved.
“Denial of Service attacks are a known quantity on the web and they are not going away any time soon. Nevertheless, we can and will improve system response to these assaults such that they don’t interfere with our normal, everyday Twittering,” Stone wrote.
The DOS attack hit several sites, including LiveJournal and Facebook, but Twitter has been by far the most affected, as it went offline for hours on Thursday.
As speculation brewed over who is responsible for the attack, a blogger from the country of Georgia blamed Russia for it, saying it’s an attempt to silence him, according to a report Friday in The Guardian.
The blogger, identified as Cyxymu, told The Guardian that he believes the Kremlin was behind the attack because he has been critical of Russia’s policies and actions towards Georgia, specifically regarding the military conflict over the South Ossetia region.
“Maybe it was carried out by ordinary hackers but I’m certain the order came from the Russian government,” the blogger told The Guardian. “An attack on such a scale that affected three worldwide services with numerous servers could only be organized by someone with huge resources.”
The blogger, who told the newspaper that his first name is Georgy and that he is a 34-year-old economics lecturer, said that the hackers sent hundreds of thousands of e-mail messages, falsely saying they came from him and asking recipients to visit his pages on Twitter, LiveJournal and Facebook.
On Friday, a spokeswoman for Facebook told IDG News Service that Thursday’s attack “appears to be directed at an individual who has a presence on a number of sites, rather than the sites themselves.”
“Specifically, the person is an activist blogger and a botnet was directed to request his pages at such a rate that it impacted service for other users. We’ve isolated the issue and almost all of our users are able to enjoy the normal Facebook experience,” she said via e-mail.
A source close to Facebook further told IDG News Service on Friday that the attack was aimed at a specific user based in Georgia.
In Friday’s blog posting, Stone side-stepped this issue, saying that while the attack appears to have a “geopolitical” motivation, Twitter will not discuss the matter. “The open exchange of information can have a positive impact globally and our job is to keep Twitter services running reliably to the best of our ability,” Stone wrote.
Another source told IDG News Service on Thursday that a portion of the service that redirects third-party-owned URLs (uniform resource locators) to Google Sites or the Google Blogspot service also was affected for about an hour by the DOS attack.
“We are aware that a handful of non-Google sites were impacted by a DoS attack yesterday, and are in contact with some affected companies to help investigate this attack. Google systems prevented substantive impact to our services,” a Google spokesman said Friday via e-mail.
Twitter didn’t immediately respond to a request for comment.
LiveJournal declined to comment.
Updated at 12:59 p.m. PT to include an updated status report from Twitter.