August 11 , 2009

Denial-of-service attack takes down Twitter
Tweeters around the world locked out of site

On Thursday Tweeters around the world found themselves unable to access the popular microblogging site for hours.

The original message to appear on Twitter’s status blog was “Site is down - We are determining the cause and will provide an update shortly.” A second update said that the company was defending a Denial of Service (DoS) attack and gave no estimation on how long the site would be down for.

“On this otherwise happy Thursday morning, Twitter is the target of a denial of service attack,” wrote Twitter co-founder Biz Stone on the site’s blog. “Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate.”

The goal of any Denial of Service is to take out a specific online resource and make it unavailable to its users. Targets are typically hugely popular destinations with a lot to lose, and with Twitter’s explosive growth comes its emergence as a juicy target for hackers and miscellaneous enemies or pranksters.

DDoS attacks often involve sending a flood of external communication requests to the site that at first glance may appear just like legitimate traffic. The intent is to overwhelm the service’s resources to such a degree that it can’t respond to real requests for real users, effectively rendering the site unreachable or so slow to respond as to be impossible to use for some period of time.

Tweeters were not the only victims. Developers who built applications for Twitter and generate money from them were hard-hit by the service's many hours of downtime as hackers pummel Twitter with their ongoing denial-of-service attack.