We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Hactivists did not cause Twitter outage

Twitter is to blame for a temporary outage, not a hactivist group that claimed it took down the site in a distributed denial-of-service attack, the micro-blogging site says.

Twitter went down about 9 a.m. Pacific time Thursday, due to a "cascading bug" within one of its infrastructure components, Mazen Rawashdeh, vice president of engineering, said in the company's blog. The service had fully recovered at 11:08 a.m. Pacific on Thursday.

"It's imperative that we remain available around the world, and today we stumbled," Rawashdeh said.

A cascading bug refers to a software flaw that causes a chain reaction that takes down other systems. Twitter corrected the problem by rolling back its applications to a previous stable version.

Roughly an hour and a half after the outage started, a hactivist group that calls itself UGNazi, also known as Underground Nazi Hacktivist Group, claimed its DDoS attack took down Twitter. Chester Wisniewski, senior security adviser for Sophos, said he doubted the claim because taking down a global content delivery network like Twitter's would take "tremendous resources."

"During the downtime I had an opportunity to probe the API (application programming interface) and the behavior I observed of certain types of queries intermittently working in waves, but never being totally unavailable, matches nicely with Twitter's explanation as to why they had availability problems," Wisniewski said Friday in an email sent to CSO.

In an email sent to Computerworld and other news organizations, UGNazi claimed it took down the site because of its support for the Cyber Intelligence Sharing and Protection Act (CISPA).

CISPA, which was passed by the House in April, would give companies immunity from lawsuits and prosecution in passing customer information to the government, if the data was necessary to maintain cybersecurity or national security. The legislation is pending further congressional action.

UGNazi taking credit for an attack it may not have committed is not unusual in the twisted hactivist world. "Hacking groups, like terrorists, have claimed responsibility for random events for a very long time," Wisniewski said. "I think they expect it to boost their cred in the community, if they are perceived to be so powerful that they can impact major players in the Web 2.0 space."

During the six months before the outage, Twitter had its "highest marks for site reliability and stability ever," said Rawashdeh. On average, the site had been running normally for all but roughly 20 seconds in a 24-hour period.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

IDG UK Sites

Sony Xperia Z3+ release date, price and specs: The Xperia Z4 for the UK

IDG UK Sites

Why Intel’s vision of the future is a future I want to live in

IDG UK Sites

10 amazing, creative uses of tech – and the brands behind them

IDG UK Sites

Jony Ive 'semi-retired' into new role: kicked upstairs as Chief Design Officer