It Was All Politics — Why Now?
On-line Opinion Magazine…OK, it's a blog

It Was All Politics

The BBC notes that Twitter went down because of a Web attack ‘aimed at one blogger’:

A “massively co-ordinated” attack on websites including Google, Facebook and Twitter was directed at one individual, it has been confirmed.

Facebook told BBC News that the strike was aimed at a pro-Georgian blogger known as Cyxymu.

The attack caused a blackout of Twitter for around two hours, while Facebook said its service had been “degraded”.

Google said it had defended its sites and was now working with the other companies to investigate the attack.

“[The] attack appears to be directed at an individual who has a presence on a number of sites, rather than the sites themselves,” a Facebook spokesman told BBC News.

“Specifically, the person is an activist blogger and a botnet was directed to request his pages at such a rate that it impacted service for other users.”

Anyone want to guess where the attack originated? Come on, people, you can get free anti-virus and anti-spyware software that will stop your machine from becoming part of these attacks. ISPs can clamp down on this garbage. Make these people work for their attacks; don’t help them out with an unprotected machine.

The academic world really needs to look at its systems, because I’m tired of sending e-mails about spammers using their networks. You don’t need to censor anything, but you do need to protect your own infrastructure.

6 comments

1 Kryten42 { 08.08.09 at 12:52 am }

Yeah, what you said m8! *sigh* And it’s soooo easy to protect a network against this kind of simple attack. Whoever the SysAdmin of Facebook is, I’d be looking for a new one. You don’t even need any fancy or expensive software. This is what you get when an organisation focuses almost exclusively on revenues.

2 Bryan { 08.08.09 at 1:07 am }

Twitter is impossible to protect because of its nature and the multiple ways of accessing, but Facebook is not exactly the new kid on the block. My host deals with this stuff all the time because “Nearly Free Speech” is not exactly into censoring the types of sites it hosts, so some of them attract DDOS attacks. They send out notices that these events are happening, but you generally can’t really tell from response times. They got hacked not long ago, but that was a semi-inside job, and have hardened things even more.

It’s all the clueless people who click on everything and don’t even make an effort to lock down their machine. I thought my brother was going to disown my youngest nephew for connecting a friend’s infected box into his home network. I had to listen to him bitch about cleaning things up for a week.

3 SSG { 08.08.09 at 1:19 am }

@Kryten42-Facebook has assorted weird malfunctions on any given day, so I didn’t notice any slowdowns or anything. Heh.

@Bryan-“They got hacked not long ago, but that was a semi-inside job, and have hardened things even more.”

Your web host got hacked? Seriously?

4 Kryten42 { 08.08.09 at 2:05 am }

I singled out Facebook rather than Twitter because it’s been around awhile. But I also know it was poorly designed and poorly implemented and they are forever trying new band-aids which rarely work. And, Twitter isn’t impossible to protect, just difficult. 🙂 Though security is a constantly evolving and moving target. A good security team is on top of it, and they should have a decent simulated testing environment. But, companies don’t give a damn about prevention, until it bites them hard. 🙂 And we all pay for it. Google wasn’t affected (or at least, minimally affected) because they implement a decent honey-net and other layered strategies/protections, and they test constantly. They learned the hard way some years ago. 😉

I’ve had to audit large networks (like Powertell, GlobalCenter) and while it is more difficult to protect from internal attacks, it can be done, and can in fact be easier to protect against than external attacks. The first step is to assume it will happen, and compartmentalize the systems, ensure internal access is restricted and constantly monitored, and that no single person has access to everything. 🙂 Only a paranoid layered approach to security can be effective. Because… “They ARE out to get you!” “lol”

I know of a group known as ‘The Tiger Team’ out of SE Asia. They have successfully penetrated every target they have been given (though, they do only accept jobs they are reasonably certain they can succeed against, but that includes some very *high profile* targets). Their fees start at about $10k for a very *soft* target. 😉

5 Comrade Kevin { 08.08.09 at 11:20 am }

It shows the fragility of the entire network. I really think they need to sell computers pre-installed with virus scan, firewall, and adware protection.

6 Bryan { 08.08.09 at 12:38 pm }

SSG, they, personally, got hacked in their area, not in the general area, and it was caused by a weakness in a widely used PHP tool used for MySQL admin. Their accounting database was diddled by a customer, all of which was duly logged by the appropriate auditing software and the miscreant ID’d and punished within a day, but that shouldn’t have been possible, so they pulled things apart and rebuilt them to stop that sort of thing from happening again. You had to already have customer privileges to even get to the area where this happened, and almost all of the structure is virtual, rather than physical, so you can’t do much of anything from the outside.

Any code can be broken. Codes, even nuclear codes, are rated by the estimated time it would take to break them, i.e. 24-hour, 30-day, 1-year, 1-century, etc., and the estimates are altered by advancements in technology. The 30-day codes become 24-hour codes as computers gain power and speed.

All this means is that the next attack, and there will be a next attack, will be different.

Which is why these DDOS attacks are so annoying, because they aren’t different. They are the same thing repeatedly, and the defenses are well known. It is the failure of people to deploy the defenses that is annoying.

Much of the ‘Net is dependent on voluntary cooperation, which is why uncooperative people need to be crushed. My attitude is that if big ISPs like AT&T want to set up tiers of service, other people should stop cooperating with them. Maybe they’ll figure out that they don’t control what they thought they did.

We both know, Kryten, that everything will be attacked, eventually, and someone will figure out how to penetrate any defense, but you don’t make it easy for them.

They do, CK, but people turn them off because they can’t access sites they think they want to go to. There is no defense against stupid.