Twitter is to blame for a temporary outage, not a hactivist group that claimed it took down the site in a distributed denial-of-service attack, the micro-blogging site says.
Twitter went down about 9 a.m. Pacific time Thursday, due to a "cascading bug" within one of its infrastructure components, Mazen Rawashdeh, vice president of engineering, said in the company's blog. The service had fully recovered at 11:08 a.m. Pacific on Thursday.
"It's imperative that we remain available around the world, and today we stumbled," Rawashdeh said.
A cascading bug refers to a software flaw that causes a chain reaction that takes down other systems. Twitter corrected the problem by rolling back its applications to a previous stable version.
Roughly an hour and a half after the outage started, a hactivist group that calls itself UGNazi, also known as Underground Nazi Hacktivist Group, claimed its DDoS attack took down Twitter. Chester Wisniewski, senior security adviser for Sophos, said he doubted the claim because taking down a global content delivery network like Twitter's would take "tremendous resources."
"During the downtime I had an opportunity to probe the API (application programming interface) and the behavior I observed of certain types of queries intermittently working in waves, but never being totally unavailable, matches nicely with Twitter's explanation as to why they had availability problems," Wisniewski said Friday in an email sent to CSO.
In an email sent to Computerworld and other news organizations, UGNazi claimed it took down the site because of its support for the Cyber Intelligence Sharing and Protection Act (CISPA).
CISPA, which was passed by the House in April, would give companies immunity from lawsuits and prosecution in passing customer information to the government, if the data was necessary to maintain cybersecurity or national security. The legislation is pending further congressional action.
UGNazi taking credit for an attack it may not have committed is not unusual in the twisted hactivist world. "Hacking groups, like terrorists, have claimed responsibility for random events for a very long time," Wisniewski said. "I think they expect it to boost their cred in the community, if they are perceived to be so powerful that they can impact major players in the Web 2.0 space."
During the six months before the outage, Twitter had its "highest marks for site reliability and stability ever," said Rawashdeh. On average, the site had been running normally for all but roughly 20 seconds in a 24-hour period.
Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.