The largest microblogging site, Twitter, was down for most of Thursday morning. A blog posting by the company later in the day said that the company was “defending against a denial-of-service attack.” An update later in the day said that the site was “continuing to ... recover from this attack.”
Twitter is growing rapidly popular. The site now reports close to 30 million users, up from 2 million only around a year ago.
Popular social networking site Facebook was also suspected to have been hit by a similar attack on Thursday morning. The site was reported to be unusably slow by many users.
Tests run by this reporter found this to be true: logins, posts, and instant messaging on the popular social networking platform oftentimes took seconds to complete, instead of being finished nearly instantaneously.
Popular blog site LiveJournal also confirmed that it had been hit by a DoS attack. The company said that an attack had occurred at approximately 6 a.m. Pacific time.
The denial-of-service attacks are the latest in a round of such attacks. In July of this year, several websites run by the U.S. government, the New York Stock Exchange and websites in South Korea were taken down by similar attacks. While North Korea was suspected to be involved in those attacks, analysts have indicated in interviews with The Epoch Times that it was most likely the Chinese Communist Party helping North Koreans with the technology to launch the attacks.
Denial-of-Service Attacks
Denial-of-service attacks are often employed by malicious hackers when they attempt to bring down websites. Such attacks involve setting up a large number of connections to the web server hosting the website. Though these connections look like legitimate connections from an end user’s browsers, the connections are actually often automated requests that are set up by trojans or bots.
Some forms of denial-of-service attacks use loopholes in the protocols used in the Internet networking architecture, some of which still exist despite attempts to patch them up. Two commonly used attacks are a TCP SYN flooding, where an end node fools the server into attempting to set up a connection, but then drops the connection, making the server attempt to keep the connection, rapidly depleting server resources.
Another attack involves spoofing network packets to make them look like they originate from nodes that never requested the packet.
Even though current network architectures are strengthened against the TCP SYN-flooding and the packet-spoofing attacks, a huge number of machines and servers are reported to still be vulnerable to these attacks.
A common form of denial-of-service attacks nowadays, known as a distributed denial-of-service (DDOS) attack, involves using a huge number of computers in different locations to launch a synchronized attack against a website. DDOS attacks are more possible nowadays as insecure computers, infected by trojans and worms, can be unknowingly commandeered and operated by a command-and-control (C-and-C) node in the hands of the malicious hacker, who can orchestrate a devastating attack using the compromised computers at his control.
