The fragile nature of many of the important destinations of the internet was visible once again. Social networkers of the world, suddenly found that they were not getting their fix from the highly popular Twitter site, and that the site had stopped responding on Thursday, the 6th of August. And it was not only Twitter that was affected, other sites such as Facebook were affected as well. However, Twitter was the site that was most affected.
When sites start going down to attacks, this is mostly due to something called a DDOS (Distributed Denial of Service), and is mostly done through the use of requests for service from many different machines (many could mean hundreds of thousands or millions). In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately. One way to do these attacks is through the use of botnets (wikipedia), machines all over the internet that have been taken over.
However, this attack was somewhat different. This was carried out through the use of spams, and was actually part of an attack against the accounts of a person called Cyxymu (wikipedia), a blogger who supports the country of Georgia against Russia. People were sent spam messages with links to his accounts on different social networking sites, and a huge number of them clicked on these links (link to article):
The messages were designed to discredit Cyxymu by associating him with a spam run. Other security researchers, such as Patrik Runald at F-Secure (here) and Graham Cluley at Sophos, are sceptical about this Joe Job-style theory for the attack.
Twitter’s two NTT hosted address blocks were moved in response to the attack, Arbor adds. Twitter's reliance on just one service provider, and apparent lack of back up and redundancy, much less a comprehensive disaster recovery plan, goes a long way towards explaining why it was hit so badly.
One such attack normally causes the attacked entity to place a much higher emphasis on trying to prevent such attacks in the future, and one can expect Twitter to do the same.