Thursday, August 13, 2009

How Did Hackers Cripple Twitter?

How did hackers bring down Twitter?

Hackers slowed Twitter to a standstill early on Aug. 6, frustrating millions of users. For the culprits, all it took to snarl the popular social-networking site was one of the oldest tools in the Internet hacker handbook: the distributed denial-of-service attack (commonly shortened to DDoS), a method that has been used to crash some of the Web's largest sites, including Yahoo! and CNN.

DDoS attacks are surprisingly low tech. Using a network of computers (dubbed zombies) controlled by a single master machine, the hacker tries to overwhelm a website's servers. It's a brute-force approach — the network of hacker-controlled computers floods the server with requests for data until the server overloads and comes crashing down. Graham Cluley, a computer security expert, likened the attack to "15 fat men trying to get through a revolving door at the same time." The attacks do no lasting damage — user data aren't compromised, and the site isn't down for long. Once the fat men stop rushing the doors, everything returns to normal. (See the top 10 celebrity Twitter feeds.)

Adding to the chaos is the fact that the zombie computers often show no signs of being infected. Hackers look for computers with security vulnerabilities and infect them in advance of an attack. When the hackers are ready to launch the assault, the master computer awakens its zombie army, and the attack begins. Because DDoS utilizes multiple computers from multiple locations — and because hackers may use their network for only a single attack — there's no way to protect against a seemingly random array of computers suddenly going rogue. Once the attack begins, websites can try to trace the sudden flood of traffic back to the source computer and filter it out, but even that's a complex process. Internet service providers say they're rarely able to identify the master computer behind a DDoS attack.

This method of causing computer chaos has been used at least as far back as 1998, when the first software tools were developed to assist in DDoS assaults. But the attacks didn't garner much attention until 2000, when Amazon, eBay, Yahoo! and CNN were brought down in a single week by a Canadian teenager. They've been a scourge ever since and have even been employed in cyberwarfare. During the war between Russia and Georgia last year, hackers brought down several Georgian websites using a DDoS attack. And in the aftermath of Iran's tumultuous election in June, several international computer networks were trained to take down sites belonging to President Mahmoud Ahmadinejad.

While some Facebook services were unavailable early Aug. 6, Facebook officials said it wasn't immediately clear if it was related to the Twitter attack.

Follow TIME on Twitter.

Become a fan of TIME on Facebook.

Post a Comment