Tweets fall silent as Twitter goes down for hours

Twitter, once derided as a frivolous way to tell friends of what you are eating and when you’re going to bed, has grown up -- the hard way.

The cyber-attack that paralyzed the social networking service Thursday signaled that Twitter had become big enough to attract the attention of malicious Internet hackers, who may have been motivated by profit.

No one knows for sure who was behind the “denial of service” strike that crippled the website for hours, and which was also aimed at popular Internet properties Facebook, Google and possibly YouTube.

Speculation as to the perpetrators ran from bored teenagers to cyberspace fighting between Russian and Georgian political operatives.


Several security experts said they saw the fingerprints of a sophisticated operation involving “botnets” -- giant armies of personal computers that have been silently taken over by hackers, unbeknown to their owners.

“Botnets are a very stable platform to engage in all sorts of cyber crime,” said Thomas Holt, a professor at Michigan State’s School of Criminal Justice. For some hackers, using “Twitter as a target is a good way of measuring” the power of their botnet.

By showcasing its disruptive effect, hackers can use the attack as a calling card for their services for anyone who wants to derail a rival or use the network to send huge volumes of unwanted e-mail.

Jerry Dixon, former director of the National Cybersecurity Division at the Department of Homeland Security, said the perpetrators could be a group of hackers trying to show that they’re capable of taking down a hugely popular social network.

“They are saying, ‘Look what I’m capable of doing,’ ” Dixon said. “It’s someone trying to make a name for themselves.”

That could be for bragging rights or a more nefarious purpose. The hackers who crippled a service as prominent as Twitter could conceivably sell their skills.

“They would be like hit men, but with digital packets instead of bullets,” said Dixon, now a security analyst with the nonprofit group Team Cymru.

Indeed, there have been instances of hackers being paid to take down sites.


In 2004, satellite TV retailer Saad Echouafni was indicted in federal court in Los Angeles on suspicion of paying to attack three online competitors. One of the hackers pleaded guilty, but Echouafni fled and is at large, according to the FBI.

Analyst Beth Jones of Internet security firm Sophos said one theory going around the security community was that the attack was caused by a botnet using a computer worm known as Koobface.

She doesn’t think the worm was created for sport.

“This was no kid who wrote this,” Jones said. “This was professionally written.”


Once in place, the botnet could be used for underground commercial purposes, such as spreading vast amounts of spam e-mail.

A recent Sophos report said that nearly 90% of e-mails received by businesses are spam, although many are filtered out before they reach individuals.

Twitter’s traffic and membership have exploded in the last year, rocketing to more than 45 million visitors worldwide, according to Web ratings firm ComScore Inc.

Twitter’s trademark feature -- short messages of 140 characters or less that circulate at lightning speed through vast worldwide networks -- has made it a major method of communication for households, businesses and the media.


“For the people who use it, Twitter is becoming a primary alert system within the information economy,” said Jay Rosen, a media professor at New York University. “When that alert system is down, it feels like the Web is broken.”

The site has played a role in several high-profile news stories, including the recent upheaval over elections in Iran, where observers and protesters used the service to transmit updates.

Before that, Twitter was a source of information about the terror attacks in Mumbai, and the origin of the first picture of a plane that landed in New York’s Hudson River this year.

Just this week, the service was again in the news when entertainer Paula Abdul announced on her Twitter page that she was resigning from the hit Fox television show “American Idol.”


Twitter said it was the victim of a “distributed denial of service” attack, a disruptive tactic in which outsiders try to overload a website with huge numbers of computer-generated requests. Those attacks are often generated by botnets.

Because websites have a limited capacity to handle incoming traffic, a deliberate deluge can cause servers to respond slowly to legitimate users, or not at all.

The attack was continuing as of early Thursday evening, though by that time much of the malicious traffic had been deflected, said Kazuhiro Gomi, chief operating officer of NTT America, the company that provides Twitter’s Internet infrastructure.

Gomi said an attack capable of bringing down Twitter was “definitely one of the worst-case scenarios.”