Cutting Through The Twitter DDoS Hype

Type threatpost
Reporter Stefan Tanase
Modified 2013-05-03T16:01:07


There are a lot of theories flying around about why Twitter and other
social media services got knocked offline yesterday. I’ve heard rumors
about it being linked to political tension between Georgia and Russia.
Others blame Iran for the outages.

I’m not a political commentator, therefore I cannot comment on
anyone’s political views — but I have some logic and common sense, and
I can draw some objective conclusions.

Anyone saying where the attack is coming from can only base their
conclusions on pure speculation. There is no real data to prove who is
behind it, and if there would be any clue about the origins of this
attack, it would be in the access logs on the victim servers —
Twitter, Facebook, LiveJournal and others in this case.

And there are some interesting points to be raised:

Firstly, it is very naive to think that by DDoS-ing a major social
network such as Facebook or Twitter anybody can be silenced. Such an
attack can only last for a limited amount of time, and after that
everything is back to normal.

It doesn’t really make sense for any government to launch such a
DDoS attack just to silence somebody, anybody. An attack can last from
a few minutes to a few hours – and after that what? Everything is back
to normal, all communications are possible again. Personally, I don’t
see any advantage that a government would achieve by disrupting access
to Twitter or Facebook for 2 or 3 hours.

Secondly, talking about “Cyxymu” himself or any political activist –
I’m sure that governments or intelligence agencies have more direct and
efficient methods for silencing somebody, if that was the case.
DDoS-ing social networks doesn’t make sense, it is like using a tank to
kill a mosquito.

Also, it’s worth noting that “Cyxymu” didn’t even have 100 followers
on Twitter when the attacks started – so I am wondering how big his
influence really was to even consider him as the root cause of the DDoS

Finally, I would like to point out that people are always in love
with conspiracy theories – unfortunately. Blaming the DDoS attacks on
Russia, Georgia or Iran is always going to make the story more popular.
I wish there weren’t so many people fueling these conspiracy theories
regarding yesterday’s DDoS attack.

The only thing that I’m sure is going to happen after these
incidents is that Twitter will gain even more popularity as a result.
Everybody’s talking about it, the story is all over the news, all over
the world – so the only thing that will happen is that Twitter will be
even more popular after this.

  • Stefan Tanase is a senior regional researcher in Kaspersky Lab’s Global Research and Analysis Team.