We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,818 News Articles

Hactivists did not cause Twitter outage

Twitter is to blame for a temporary outage, not a hactivist group that claimed it took down the site in a distributed denial-of-service attack, the micro-blogging site says.

Twitter went down about 9 a.m. Pacific time Thursday, due to a "cascading bug" within one of its infrastructure components, Mazen Rawashdeh, vice president of engineering, said in the company's blog. The service had fully recovered at 11:08 a.m. Pacific on Thursday.

"It's imperative that we remain available around the world, and today we stumbled," Rawashdeh said.

A cascading bug refers to a software flaw that causes a chain reaction that takes down other systems. Twitter corrected the problem by rolling back its applications to a previous stable version.

Roughly an hour and a half after the outage started, a hactivist group that calls itself UGNazi, also known as Underground Nazi Hacktivist Group, claimed its DDoS attack took down Twitter. Chester Wisniewski, senior security adviser for Sophos, said he doubted the claim because taking down a global content delivery network like Twitter's would take "tremendous resources."

"During the downtime I had an opportunity to probe the API (application programming interface) and the behavior I observed of certain types of queries intermittently working in waves, but never being totally unavailable, matches nicely with Twitter's explanation as to why they had availability problems," Wisniewski said Friday in an email sent to CSO.

In an email sent to Computerworld and other news organizations, UGNazi claimed it took down the site because of its support for the Cyber Intelligence Sharing and Protection Act (CISPA).

CISPA, which was passed by the House in April, would give companies immunity from lawsuits and prosecution in passing customer information to the government, if the data was necessary to maintain cybersecurity or national security. The legislation is pending further congressional action.

UGNazi taking credit for an attack it may not have committed is not unusual in the twisted hactivist world. "Hacking groups, like terrorists, have claimed responsibility for random events for a very long time," Wisniewski said. "I think they expect it to boost their cred in the community, if they are perceived to be so powerful that they can impact major players in the Web 2.0 space."

During the six months before the outage, Twitter had its "highest marks for site reliability and stability ever," said Rawashdeh. On average, the site had been running normally for all but roughly 20 seconds in a 24-hour period.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.


IDG UK Sites

45 Best Android games: top Android games for your smartphone or tablet in 2014 (24 are free!)

IDG UK Sites

How Apple, Adobe, Microsoft and others have let us down over UltraHD and hiDPI screens

IDG UK Sites

Do you have the X-Factor too? Mix Off app puts fans in the frame

IDG UK Sites

iPad Pro release date, rumours and leaked images - 12.9 screen 'coming in 2015'