Home / Blogs

Cutting Through the Twitter DDoS Hype

There are a lot of theories flying around about why Twitter and other social media services got knocked offline yesterday. I’ve heard rumors about it being linked to political tension between Georgia and Russia. Others blame Iran for the outages.

I’m not a political commentator, therefore I cannot comment on anyone’s political views—but I have some logic and common sense, and I can draw some objective conclusions.

Anyone saying where the attack is coming from can only base their conclusions on pure speculation. There is no real data to prove who is behind it, and if there would be any clue about the origins of this attack, it would be in the access logs on the victim servers—Twitter, Facebook, LiveJournal and others in this case.

And there are some interesting points to be raised:

Firstly, it is very naive to think that by DDoS-ing a major social network such as Facebook or Twitter anybody can be silenced. Such an attack can only last for a limited amount of time, and after that everything is back to normal.

It doesn’t really make sense for *any* government to launch such a DDoS attack just to silence somebody, anybody. An attack can last from a few minutes to a few hours—and after that what? Everything is back to normal, all communications are possible again. Personally, I don’t see any advantage that a government would achieve by disrupting access to Twitter or Facebook for 2 or 3 hours.

Secondly, talking about “Cyxymu” himself or any political activist—I’m sure that governments or intelligence agencies have more direct and efficient methods for silencing somebody, if that was the case. DDoS-ing social networks doesn’t make sense, it is like using a tank to kill a mosquito.

Also, it’s worth noting that “Cyxymu” didn’t even have 100 followers on Twitter when the attacks started—so I am wondering how big his influence really was to even consider him as the root cause of the DDoS attacks.

Finally, I would like to point out that people are always in love with conspiracy theories—unfortunately. Blaming the DDoS attacks on Russia, Georgia or Iran is always going to make the story more popular. I wish there weren’t so many people fueling these conspiracy theories regarding yesterday’s DDoS attack.

The only thing that I’m sure is going to happen after these incidents is that Twitter will gain even more popularity as a result. Everybody’s talking about it, the story is all over the news, all over the world—so the only thing that will happen is that Twitter will be even more popular after this.

By Stefan Tanase, Senior Regional Researcher, Kaspersky Lab

Filed Under


Russian government prefers bullets, poison, or radioactive material George Ou  –  Aug 10, 2009 8:44 PM

Russian government prefers bullets, poison, or radioactive material to silence people.  If it is true that they are switching to DDoS, that would be a huge improvement in my mind.

You have a good point there. I Linda Roeder  –  Aug 11, 2009 1:07 AM

You have a good point there. I was wondering about that myself. What would make anyone think that they could shut down someone when web sites are backed up and able to bring themselves back up in minutes after an attack.

Here’s a theory… Maybe he sabotaged his own accounts to get publicity for his own writings. How’s that for a conspiracy theory?

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Brand Protection

Sponsored byCSC


Sponsored byDNIB.com

New TLDs

Sponsored byRadix


Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API