Today showed the sensitivity of our social network environment. Can we prevent it?

Today’s Denial of Service attacks (DDoS) on both Facebook and Twitter and possibly several more services show how dependent we are on today’s technology. Moreover, they proved that it is rather easy to attack very popular services. It’s no surprise that both services are not too happy about what happened and they seem to have decided to investigate the cause together, and  more importantly, how to prevent it. Some sources claim that Google has been attacked as well. And that is something that we experienced in the afternoon. Mail was hardly responding or not available at all. So, what is a DDoS attack?

Facebook Denial of Service announcement 6-8-2009

What is a DDoS attack?

Probably you remember that you once tried to wish one of your family members or friends a Happy New Year just after midnight on the 1st of January. It’s highly possible that you didn’t manage to do it by phone. The network got overloaded because it is not designed to handle the high load on such special occasions.  In fact, a Distributed Denial of Service (DDoS) attack is something  similar, only the purpose is different. A DDoS attack is a malicious effort to bring an online service down by bombing the server of this service with fake requests. Services like Facebook and Twitter are used to handling high load on their servers. In order to attack them a real high traffic load is needed (probably even billions of parallel requests). The question is how the attackers managed to generate such amount of traffic, especially because it does not look like a traditional DDoS attack. Although it’s hard or even impossible to defend yourself against a well organized DDoS attack for sure both Facebook and Twitter have the minimum protection against them. Google has a much more resilient network and therefore Google did not have too many issues today. Although the attacked services still mention a (D)DoS attack in their official announcements, Bill Woodcock claims in an interview with The New York Times that an email based attack method could have been used. He even links it to the arguments in between Georgia and Russia. To be honest, this explanation is hard to believe. It seems to be impossible to generate the amounts of traffic needed to cause this downtime by email. Whatever happened, unfortunately the servers were unable to define which requests were fake and which weren’t. It’s highly possible that the Twitter service went down first. Because on Facebook many people started communicating about the Twitter downtime. The user shift from Twitter to Facebook probably made the attack more successful. A lot more users combined with the DDoS attack also caused Facebook to go down. Just imagine 100 people ringing at your door bell in the same minute. You can keep running, but you won’t manage to say hello to everybody. What happens to you if this keeps going on for some time? For sure there will be a long queue, not to mention how you will feel …..

Can we prevent it?

As I mentioned before it is hard to believe that both Facebook and Twitter were not prepared for a DDoS attack. Being a popular service you know that their are people around who would like to attack you. And in fact I think they face many attacks all the time. Today made clear that if somebody really wants it is possible to kick these services down. And it is really hard to prevent this. Only when you have a very resilient, distributed network all over the world like e.g. Google it is a lot harder to organize a successful attack. Then you have more time to analyze an attack an to take appropriate measures. But this isn’t easy. Let’s hope that they will manage to find the attackers and to conclude how this could happen. In that case a legal procedure can be started against them.