Twitter, Facebook Attack Targeted One User

Accounts of Pro-Georgian Blogger Were Target in Attack That Lead To Outage at Twitter

(CNET)  By CNET Staff Writer Elinor Mills

A pro-Georgian blogger with accounts on Twitter, Facebook, LiveJournal and Google's Blogger and YouTube was targeted in a denial of service attack that led to the site-wide outage at Twitter and problems at the other sites on Thursday, according to a Facebook executive.

The blogger, who uses the account name "Cyxymu," (the name of a town in the Republic of Georgia) had accounts on all of the different sites that were attacked at the same time, Max Kelly, chief security officer at Facebook, told CNET News.

"It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard," Kelly said. "We're actively investigating the source of the attacks and we hope to be able to find out the individuals involved in the back end and to take action against them if we can."

Kelly declined to speculate on whether Russian nationalists were behind the attack, but said: "You have to ask who would benefit the most from doing this and think about what those people are doing and the disregard for the rest of the users and the Internet."

Twitter was down for several hours beginning early Thursday morning, and suffered periodic slowness and time-outs throughout the day.

Cyxymu's LiveJournal page wasn't accessible, but a cached version showed that it was updated on Thursday with a message about the denial of service (DOS) attacks on his accounts on the US-based sites. "Now it's obvious it's a special attack against me and Georgians," the message in Russian said.

The site also apologized for a spam e-mail attack in which the sender was spoofed and made to look like the e-mails were sent by him. Screen shots are shown. It's unclear whether or how the spam attack is related to the DOS attacks.

In the distributed denial of service (DDOS) attack on the sites, computers that have been compromised by viruses or other malware are instructed by the attacker's computer to visit the specific Web sites all at the same time and repeatedly. The barrage of connection requests overwhelms the target sites, making it so that legitimate Web traffic can't get through.

Such coordinated attacks require the efforts of tens of thousands or more of hijacked computers, which together form a botnet. Spammers send e-mails with malicious attachments or URLs to millions of people to create botnets. Criminals also can lease existing botnets for specific campaigns for as little as 5 cents to 10 cents per bot.

"The people who are coordinating this attack, the criminals, are definitely determined and using a lot of resources," Kelly said. "If they're asking our infrastructure to generate hundreds of pages a second, that's a lot of pages our users can't see."

Facebook and Google were able to minimize any impact to their sites. Facebook even managed to keep the Cyxymu account accessible to Web surfers from that region, Kelly said, although it was inaccessible to people in other geographic areas, including San Francisco.

This was the first coordinated attack on the sites, and all the companies involved were working closely on the investigation, he said. "My team and the teams that are working together at all these companies are doing a really good job very quickly and I'm proud and happy," he said.

Twitter and LiveJournal did not immediately return e-mails and calls seeking comment.

A Google spokesman offered this statement: "We are aware that a handful of non-Google sites were impacted by a DOS attack this morning, and are in contact with some affected companies to help investigate this attack. Google systems prevented substantive impact to our services."

Political and military conflicts between Russia and it former Republic spilled online last year with DOS attacks and Web site defacements going both directions.

[refbatch]

People! You know yourself - there is no any freedom of speech ,even in USA.
The first of all US authorities needs to prepare society oppinion about that russians are very bad etc. for to extend US military escalation in the region of Caucausus.
I am sorry to see stupidity of US administration.

[cameraphone]

Wouldn't Russians, in their campaign against Georgia, be more effective doing a YouTube video RANT like that woman did in the midst of her divorce?

[turkeytime]

The shadow side of FACEBOOK
is included in Prolific Playwright LARRY MYERS'
"Facebook Puberty"
an ominous Pinter-esque menace pervades thsi transom peeping stalker like phenomenon
yet there's the plus side too--------------communication of any kind
Dr Myers explored other cyber goodies in "E (veryman) Mail "twitter theater" & "My Space Scrabble"

[credibility2]

The Internet's Social Media sites are fraught with the anti-social, socio-psycho-path wannabes. It has become a vast wasteland for humanities rejects, vagrants and abnormals.

[avigil2]

Then quit accepting every friend request who wants to be your "friend" dummy!

[book_of_wally]

Gee wasnt that fun everybody? I cant wait to participate in the next internet flash mob.

[Void_Master]

Like many other businesses and individuals around the globe, my own livelihood is inexorably connected to the Internet (no pun intended). I wonder if we really know just how vulnerable we all are to attack.

Think about it. What if the Internet -- worldwide -- shut down for just 24 hours. I suspect the resultant economic collapse would make last year's financial crisis look like little more than a mild drop in the markets.

[aChangeOfIdeas]

no kidding, it was bad enough when I was at the checkout in the grocery store and the power went out. You don't even need internet for that, but even though emergency generators came on but they don't power the cash registers. It was a complete halt, powerless without the power.

[jetranger7]

Monday morning - PAY PAL went Down for like 5 to 8 hours too, altho they claim it was a server problem on their end,, probably to keep everybody quiet, and not lose customers,, but I think something else was going on with PAY PAL, because late sunday nite as late as midnight I was able to check in and log in and view my account,, and also again at 3am and again at 6am,, by 10:00 that morning, it was still not working and by 11:30 still not working,, and I had to call them on the phone,, by 2:00pm still couldn't log in,, but by 3pm, was up and working,,, that was Monday Morning of this week ~! So now we have this Twitter Facebook breach,,, somethings up, with somebody and were not being told everything but a bunch of non-sense, like we'd know any different anyway,, but somethings a miss ~!!!!

[credibility2]

Stop using these sites. It's the great invasion of privacy and civil disruption.

[tiredofthebs]

Twitter was down?! Like OMG! Hope dialing or texting wasn't to strenuous for the DIGITAL GENERATION. All jokes aside, how many of you broadcast your EVERY MOVES to friends/fans/subscribers? If you raised your hand, you need a hobby.

[docpeter1953]

for some it is their hobby.

[John_Merritt]

What it actually confirms is what we have feared all along. If one user can impact every communication link has been answered. Accessing through a primary, secondary or tertiary party can take down our systems.

This may be nothing more than a test run on someone's part as innocent or nefarious as it may be.

[Anti-Zionist_115]

John, im not sure if you are suggesting that bringing down these sites were all cause by one person or if you are saying one person was the cause of all these people partaking in this attack. One person did not take down these sites, It would be remarkable if that was the case, but its highly highly highly unlikely.

For DoS attacks to work effectively you need to have a large # of people do this all at once. Believe me I know...

[xalen54]

These social networking sites create nothing but trouble. Myspace, Facebook, twitter, & whatever else we have will most likely doom us all in the end... Also, up yours Saakashvili! This is probably another attempt by him to get support in the international community!

[avigil2]

There are lots of pros (as well as cons) to being connected to these social networking sites. One friend even said using facebook and twitter is where she instantly learns of news alerts and iconic deaths, like John Hughes and Michael Jackson.

[dib-e]

do you even think before you type? Nothing but trouble. I just found six people from my past that are now again current friends. This means I can talk to them to get advice, a place to stay when I am out of town, job contacts. The end of the world will be brought upon us by social networking! lol a toolish comment.