Twitter hackers targeting blogger

New Zealand is vulnerable to social networking site attacks because of a lack of infrastructure. Photo / Dean Purcell

NEW YORK - The outage that knocked Twitter offline for hours has been traced to an attack on a lone blogger in the former Soviet republic of Georgia.

Twitter crashed because of a denial-of-service attack, in which hackers command scores of computers toward a single site at the same time to prevent legitimate traffic from getting through.

The attack was targeted at a blogger who goes by "Cyxymu" - the name of a town in Georgia - on several websites, including Twitter, Facebook and LiveJournal.

But they could have just as well targeted Twitter itself. That's because the effects were the same whether the excess traffic went to the "twitter.com" home page or to the page for Cyxymu at "twitter.com/cyxymu." Same with Facebook and LiveJournal.

Kazuhiro Gomi, chief technology officer for NTT America Enterprise Hosting Services, which hosts Twitter's service said the attacking computers were located around the world and the source of the attacks was not known.

The attacks seemed to come in two waves.

The first was a spam campaign consisting of emails with links back to posts by Cyxymu. This drove some traffic to the blogger's postings on various social-networking sites, possibly to disparage him as the source of the spam.

The second and more destructive phase consisted of the denial-of-service attack, which attacked the sites' servers by sending it lots of junk requests - presumably to prevent people from reading his viewpoints.

It would have been much harder for the perpetrators of the attacks to isolate Cyxymu's accounts on each social-networking site and shut it down. To do that, they would have needed to access his password by guessing it or somehow luring him into giving it out.

The blunt approach was easier - and more damaging.

Netsafe executive director Martin Cocker told the Weekend Herald that websites run from New Zealand were vulnerable to attacks such as those that heavily disrupted Twitter and Facebook.

Users of the social networking sites faced outages or delays after suspected "denial-of-service" attacks - in which hackers overwhelm a website's servers with communications requests - leaving millions unable to carry out their daily routines.

The attacks, which came a month after the White House website was targeted in a similar online assault, have underscored the vulnerability of fast-growing networking sites that have been heralded as powerful new political tools.

Mr Cocker said many denial-of-service attacks occurred every day, but most were launched by people without the means to do any real damage.

"A denial-of-service attack is literally bringing the website down ... as opposed to hacking a website trying to steal something from it.

"Increasingly they are of concern. As a country, we don't have a lot of infrastructure to deal with it.

"What it does do, for any business that is subject to a successful denial-of-service attack, is that you lose confidence in that business."

If Facebook and Twitter, for example, were constantly taken down by these attacks, people would move away from them, Mr Cocker said.

"Most small businesses in New Zealand ... have no particular technical capacity to defend themselves against a denial-of-service attack.

"[But] the main thing is that none of them are ... high enough profile targets."

Motives for denial-of-service attacks ranged from political to rabble-rousing to extortion, with criminal groups increasingly threatening to hobble popular websites that did not pay demanded fees, security experts told Reuters.

In a blog post, Twitter co-founder Biz Stone said the company preferred not to speculate about the motivation of the malicious attack on the site that made it inaccessible for several hours.

"Twitter has been working closely with other companies and services affected by what appears to be a single, massively co-ordinated attack."

Members of Facebook, the world's largest internet social network with more than 250 million active users, were delayed logging in and posting to their online profiles.

Like Twitter, Facebook said the problems appeared to stem from a denial-of-service attack.

Speculation swirled on the internet that other sites, including Google, had also come under attack, but those rumours could not be confirmed.

Twitter's new-found fame made it an easy target for hackers, said Steve Gibson, the president of internet security research firm Gibson Research.

Security experts said a single group could have been behind the problems on Twitter, Facebook and the other sites as hackers evolve their ability to attack multiple sites at once.

- Jarrod Booker, Bloomberg, AP