Showing posts with label cyberattacks. Show all posts
Showing posts with label cyberattacks. Show all posts

Aug 8, 2009

Professor Main Target of Assault on Twitter

The cyberattacks Thursday and Friday on Twitter and other popular Web services disrupted the lives of hundreds of millions of Internet users, but the principal target appeared to be one man: a 34-year-old economics professor from the republic of Georgia.

During the assault — the latest eruption in a yearlong skirmish between nationalistic hackers in Russia and Georgia — unidentified attackers sent millions of spam e-mail messages and bombarded Twitter, Facebook and other services with junk messages. The blitz was an attempt to block the professor’s Web pages, where he was revisiting the events leading up to the brief territorial war between Russia and Georgia that began a year ago.

The attacks were “the equivalent of bombing a TV station because you don’t like one of the newscasters,” Mikko Hyppönen, chief research officer of the Internet security firm F-Secure, said in a blog post. “The amount of collateral damage is huge. Millions of users of Twitter, LiveJournal and Facebook have been experiencing problems because of this attack.”

The blogger, a refugee from the Abkhazia region, a territory on the Black Sea disputed between Russia and Georgia, writes under the name Cyxymu, but identified himself only by the name Giorgi in a telephone interview. Giorgi, who said he taught at Sukhumi State University, first noticed Thursday afternoon that LiveJournal, a popular blogging platform, was not working for him. “I decided to go to Facebook,” he said. “And Facebook didn’t work. Then I went to Twitter, and Twitter didn’t work. ‘How strange,’ I thought, ‘What a coincidence they all don’t work at once.’ ”

Security experts say that it is nearly impossible to determine who exactly is behind the attack, which disrupted access to Twitter, Facebook, LiveJournal and some Google sites on Thursday and continued to affect many Twitter users into Friday evening.

But Beth Jones, an analyst with the Internet security firm Sophos, said the assault occurred in two stages.

Early Thursday, the attackers sent out a wave of spam under the name Cyxymu, which is a Latin transliteration of the Cyrillic name of the capital of Abkhazia, Sukhumi. This technique, a “joe job,” is intended to discredit a Web user by making him appear to be the source of a large amount of junk e-mail. “These hackers wanted to make him look responsible for millions of spam e-mails,” said Ms. Jones.

The messages contained links to Giorgi’s accounts on several social networks and Web sites, including Twitter.

The next leg of the attack, Ms. Jones said, was a distributed denial of service, or D.D.O.S., attack aimed at knocking Giorgi off the Web. The hackers used a botnet, a network of thousands of malware-infected personal computers, to direct huge amounts of junk traffic to Cyxymu’s pages on Twitter, LiveJournal, YouTube and Facebook in an attempt to disable them, Ms. Jones said.

The junk messages overwhelmed the services, slowing them, and in the case of Twitter and LiveJournal, shutting them down entirely for a time.

Giorgi said his pages were providing a place for refugees from Abkhazia to exchange memories of their home. The Twitter page had a sepia photograph of a palm-lined city street. “It was nostalgia,” he said.

This week, he began posting day-by-day accounts of the run-up to the conflict that drew partly on posts from his readers inside of Abkhazia, who he said had been describing how the Russian army staged its forces in the region in early August 2008.

“I feel a bit ashamed for the people who lost service because my blog was blocked,” said Giorgi.

The hundreds of millions of Internet users affected were simply “collateral damage,” said Ms. Jones.

The attacks and their aftermath show just how vital Web tools and services are becoming to political discourse — and how vulnerable they are to disruption.

“They aren’t set up to play the role of a global communications network, but very quickly they’ve come to represent that,” said John Palfrey, a law professor and co-director of Harvard University’s Berkman Center for Internet and Society.

The attacks that felled Twitter shed light on the fragility of the popular microblogging service, especially compared to its competitor Facebook, which quickly recovered from the pummeling, said Stefan Tanase, a researcher at Kaspersky Lab, an Internet security firm. Twitter, a small San Francisco company, has been struggling to improve its security even as it tries to manage hypergrowth in the number of users and messages it handles.

But, Mr. Tanase said, “Twitter is definitely a company that is learning fast and reacting fast.”

The outage frustrated many Twitter users. Some migrated over to better-functioning social networks like Facebook and FriendFeed to send messages and follow conversations, said Jeremiah Owyang, an analyst at Forrester Research and a prolific tweeter.

“If Twitter goes down or shuts down permanently, the conversation just shifts somewhere else,” he said.

For others, solving the problem wasn’t quite as simple.

Soren Macbeth, founder and chief executive of StockTwits, a service that lets investors trade news and information about companies, said his service, which is built on Twitter’s infrastructure, was offline Thursday and still hadn’t fully recovered Friday.

“Having the service be intermittent is almost worse than having it be totally down,” he said. “It makes it seem more like our issue, a problem with our service.”

Mr. Macbeth said the service, which receives as many as 10,000 postings a day, had been at Twitter’s mercy since its inception. “It’s very challenging to run a business on top of Twitter,” he said. The difficulties of working with Twitter had already prompted StockTwits to begin developing a stand-alone platform, which the company plans to introduce on Sept. 1.

But for most businesses, Twitter is merely a supplemental marketing tool.

Ben Van Leeuwen, who runs trucks that serve scoops of ice cream to customers around New York City, said he didn’t even notice the service was down. “Sales were the same yesterday as they were the day before,” he said.

Aaron Magness, who heads up new business development and marketing at Zappos.com, an online shoe retailer with a sizable following on Twitter, said in an e-mail message that the outage didn’t affect the company.

“Twitter is one of many communication tools we utilize,” he said. “Luckily, we love talking to our customers and Twitter going down doesn’t impact our phones."