Twitter Outage: Glitch, Not Hack

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

Twitter is to blame for a temporary outage, not a hactivist group that claimed it took down the site in a distributed denial-of-service attack, the microblogging site says.

Twitter went down about 9 a.m. Pacific time last Thursday, due to a "cascading bug" within one of its infrastructure components, Mazen Rawashdeh, vice president of engineering, said in the company's blog. The service had fully recovered at 11:08 a.m. Pacific on Thursday.

"It's imperative that we remain available around the world, and today we stumbled," Rawashdeh said.

A cascading bug refers to a software flaw that causes a chain reaction that takes down other systems. Twitter corrected the problem by rolling back its applications to a previous stable version.

Hackers Claim Credit

Roughly an hour and a half after the outage started, a hactivist group that calls itself UGNazi, also known as Underground Nazi Hacktivist Group, claimed its DDoS attack took down Twitter. Chester Wisniewski, senior security adviser for Sophos, said he doubted the claim because taking down a global content delivery network like Twitter's would take "tremendous resources."

"During the downtime I had an opportunity to probe the API (application programming interface) and the behavior I observed of certain types of queries intermittently working in waves, but never being totally unavailable, matches nicely with Twitter's explanation as to why they had availability problems," Wisniewski said Friday in an email sent to CSO.

In an e-mail sent to Computerworld and other news organizations, UGNazi claimed it took down the site because of its support for the Cyber Intelligence Sharing and Protection Act (CISPA).

CISPA, which was passed by the House in April, would give companies immunity from lawsuits and prosecution in passing customer information to the government, if the data was necessary to maintain cybersecurity or national security. The legislation is pending further congressional action.

UGNazi taking credit for an attack it may not have committed is not unusual in the twisted hactivist world. "Hacking groups, like terrorists, have claimed responsibility for random events for a very long time," Wisniewski said. "I think they expect it to boost their cred in the community, if they are perceived to be so powerful that they can impact major players in the Web 2.0 space."

During the six months before the outage, Twitter had its "highest marks for site reliability and stability ever," said Rawashdeh. On average, the site had been running normally for all but roughly 20 seconds in a 24-hour period.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

This story, "Twitter Outage: Glitch, Not Hack" was originally published by CSO.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
Shop Tech Products at Amazon