September 5, 2009

Cyberattack - Learn From Mistakes!!


Cyberattacks – Not a new word in the recent time I guess. At least not to the people who are constantly living life online.

This word has created an impact on our life and has changed the way the concept of computing works.

History:

I remember very properly in the past, before around 12 years, virus was the new name in the internet industry. It was getting its form and developing very fast. There were few simple viruses which just created bad sectors in our floppy drives or overflow the ram buffer making the system to restart after some point of time.

Today:

Now the scenario has changed. We are in the next generation in which there are very beautifully designed cyber attacks and people are spending their day and night designing best in market bots and Trojans.

The virus definition has changed to such an extent that there are incident of hacking the whole network and creating cyber army. Wow. This is what no one would have thought in the past. They created something; someone else uses their brain to make something best out of it.

Today, I would like to focus on one of the recent incident of deadly cybercrime –> Attack on twitter and facebook.

News behind attack:


Facebook and twitter got attacked and hacked.

Denial of service attack!!!

Now what is the impact and what is this DOS all about?
Who did this, why and what was the result of this whole fiasco.
I will give you some insight about this issue.

6th Aug 2009, Lot of people woke up in the morning and as usual, instead of reading newspaper or seeing news, they started with twitter. But to their surprise, the page was not getting loaded. Now the problem was they were not able to get ”REAL TIME INFORMATION” as the only source was not responding.
Later after few hours, they came to know that Twitter was attacked. By thousand of requests which made the whole server to crash.

Why?

According to comScore, Twitter had 20.1 million unique visitors in the United States in June, some 34 times the 593,000 a year earlier. This compares with Facebook's 77 million this June, more than double the 37.4 million in the prior year.


Target?

Twitter crashed because of a denial-of-service attack, in which hackers command scores of computers toward a single site at the same time to prevent legitimate traffic from getting through. The attack was targeted at a blogger who goes by "Cyxymu" — Cyrillic spelling of Sukhumi, a city in the breakaway territory of Abkhazia in Georgia — on several Web sites, including Twitter, Facebook and LiveJournal.

But they could have just as well targeted Twitter itself. That's because the effects were the same whether the excess traffic went to the "twitter.com" home page or to the page for Cyxymu at "twitter.com/cyxymu." Same with Facebook and LiveJournal.

Results:

The outage that knocked Twitter offline for hours was traced to an attack on a lone blogger in the former Soviet republic of Georgia — but the collateral damage that left millions around the world tweetless showed just how much havoc an isolated cyberdispute can cause.

"It told us how quickly many people really took Twitter into their hearts," Robert Thompson, director of the Center for the Study of Popular Television at Syracuse University, said Friday.
Tens of millions of people have come to rely on social media to express their innermost thoughts and to keep up with world news and celebrity gossip.

Twitter "is one of those little amusements that infiltrated the mass behavior in some significant ways, so that when it went away, a lot of people really noticed it and missed it."
The attacks Thursday also slowed down Facebook and caused problems for the online diary site LiveJournal. But Twitter, the 140-character-or-less messaging site used by celebrities, businesses and even Iranian protesters, suffered a total outage that lasted several hours.
Those attacks continued Friday from thousands of computers pummeling its servers, said Kazuhiro Gomi, chief technology officer for NTT America Enterprise Hosting Services, which hosts Twitter's service.


Reviews:

"A denial of service attack like this one is a very blunt instrument," said Ray Dickenson, chief technology officer at Authentium, a computer security firm. It's as if a viewer who didn't like one show on a television channel decided to "knock out the whole station."
Or like fishing with dynamite: You'll catch something, but the blast will kill dolphins, sharks and other organisms, too.

Just who was behind these attacks is not yet clear, but the dispute was probably related to the ongoing political conflict between Russia and Georgia.
Gomi said the attacking computers were located around the world and the source of the attacks was not known.

The attacks seemed to come in two waves. The first was a spam campaign consisting of e-mails with links back to posts by Cyxymu. This drove some traffic to the blogger's postings on various social-networking sites, possibly to disparage him as the source of the spam.
The second and more destructive phase consisted of the denial-of-service attack, which attacked the sites' servers by sending it lots of junk requests — presumably to prevent people from reading his viewpoints.

It would have been much harder for the perpetrators of the attacks to isolate Cyxymu's accounts on each social-networking site and shut it down. To do that, they would have needed to access his password by guessing it or somehow luring him into giving it out.
The blunt approach was easier — and more damaging.
On Friday, the surge of traffic to Twitter was about as it was Thursday — as much as 20 percent above normal traffic levels. But Gomi said NTT was better able to filter out the fake traffic, which is why Twitter stayed online.

Security Analyst said Twitter was more vulnerable than Facebook and other sites because the company's servers are hosted by a single service provider, something larger Web sites tend to avoid as they grow.

Although having several providers is no guarantee of avoiding harm, Dickenson said doing so at least gives the sites more tools and space to work with once they occur.
Craig Labovitz, chief scientist for Arbor Networks, a Chelmsford, Mass.-based network security firm, said Twitter's smaller size also made it more vulnerable. "Twitter is just apples and oranges compared to Facebook," he said. "Facebook is massive, and they presumably have massive infrastructure backing it." After the attacks on Twitter started, NTT turned on a technology that protects against denial of service attacks. The problem is it slows down access to the site.
"It's still under attack," he said. "If we turned that stuff off, the Twitter site could go down immediately, to be quite honest."

The Twitter outage was widely blogged, reported and — once the site was back — tweeted about, but was it really that bad? Or a mere hiccup of the information age?

For people like Lev Ekster, who uses Twitter to keep in touch with customers of his mobile cupcake truck in New York, the outage proved no more than an inconvenience. His event planner, who normally arranges cupcake orders for birthdays and bar mitzvahs, fielded phone calls all day from customers wanting to know the truck's location for the day.
"A temporary outage is not the end of the world," Ekster said. "But if this kept happening, people like me who rely on twitter will be in serious problem.”

The cyberattacks against Georgia a year ago were conducted in close connection with Russian criminal gangs, and the attackers likely were tipped off about Russia's intent to invade the country, according to a new technical analysis, much of which remains secret.

Aftermath:


I guess they should understand from their past mistakes and should be well prepared against future attacks. People have the knowledge and power, use it to get yourself protected against future cyber attacks.

Copyright © Hardik Upadhyay

You can follow me on TWITTER

JSK

No comments:

Post a Comment