Saturday, 08 August 2009

Twitter Attack Aimed at Georgian Blogger

Written by 

computer keyboardCNET News reported on August 6 that “a Georgian blogger with accounts on Twitter, Facebook, LiveJournal, and Google's Blogger and YouTube was targeted in a denial-of-service attack that led to the sitewide outage at Twitter and problems at the other sites on Thursday, according to a Facebook executive.”

Advertisement

The blogger, whose account name “Cyxymu” is also the name of a town in the Republic of Georgia, had accounts that were simultaneously attacked on all these different sites, according to Max Kelly, chief security officer at Facebook. “It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard,” Kelly told CNET. “We're actively investigating the source of the attacks, and we hope to be able to find out the individuals involved in the back end and to take action against them, if we can.”

Kelly did not want to speculate on the source of the attack, but did say: “You have to ask who would benefit the most from doing this and think about what those people are doing and the disregard for the rest of the users and the Internet.” Twitter co-founder Biz Stone wrote in the Twitter Blog that “the ongoing, massively coordinated attacks on Twitter this week appear to have been geopolitical in motivation. However, we don't feel it’s appropriate to engage in speculative discussion about these motivations.”

The Times of London on August 7 was more willing to to take a guess: “Hackers from Russia may have attacked Google, Twitter and Facebook in an attempt to silence a pro-Georgian blogger.” Then again, they may just have been taking Cyxymu at his word. The Georgian blogger said in an August 7 Tweet that the hackers were from the Russian KGB.

Twitter was down for several hours on the morning of August 6 because it was the victim of a cyberattack known as a distributed denial-of-service (DDoS) attack. A DDoS attack takes place after thousands of computers become infected with viruses or other malicious software. They are then vulnerable to being instructed by the creator of the software to visit specific websites all at the same time, over and over again. The flood of repeated requests for the sites is so overwhelming that legitimate traffic can’t get through.

Kelly said: “The people who are coordinating this attack, the criminals, are definitely determined and using a lot of resources. If they're asking our infrastructure to generate hundreds of pages a second, that’s a lot of pages our users can’t see.”

Cyberattacks such as the ones directed at Cyxymu were part of Russia’s invasion of Georgia on August 8, 2008. It appears that the one year anniversary is sparking tensions.