
And It's All Your Fault
Yesterday, I suffered through three hours without access to Twitter. The micro-blogging service, which was hit by a massive distributed denial of service (DDoS) attack, eventually came back—and then it failed again last night. Twitter's working now, but it's acting like it's on life support: slow to respond, listless, and drifting in and out of consciousness.
In other words, there is someone other than you to blame, but good luck finding that person. Wouldn't it be easier for all of us to install security software, pay for the updates, run regular scans, and stop doing risky things online? Yes, it would. And then that one evil person would be writing malware bots that go no further than his own desktop, making future DDoS attacks virtually impossible.
Every day, someone tells me about how their PC is doing something odd, like playing music when a browser isn't open, or launching a browser when they haven't chosen to go online. I've also heard tales of home pages changing to something less pleasant than Google.com. Those are frustrating problems that are usually tied directly to malware. But there's another kind of malware and, ultimately, it's far more dangerous than anything you can see. This bit of code drops onto your PC from any one of the above-named scenarios and then does nothing. Well, that's not entirely true. It does have one task to perform before it truly makes its presence known. It needs to spread. It usually uses your system and, say, your e-mail address book to reach hundreds of other computer users. So the malware (also known as a bot) spreads and, thanks to some clever programming, works to hide itself; there may even be some mutations that allow it to avoid security software sweeps. Just like a viral marketing message, the bot spreads out in ever wider circles (think: they told two friends and then they told two friends and so on and so on). In its wake are, potentially, millions of zombie PCs.
And so what? This has nothing to do with Twitter going down, or my shaking in a corner as I go Twitter cold turkey. Except that it does. The only way Twitter could have been attacked like this—and so successfully—is if millions of infected zombie PCs suddenly attacked the service. Usually, a company doesn't even realize it's under attack until it's too late and the service is offline. Based on the initial messages we saw from Twitter, it didn't know what was happening until Twitter crashed. Again, that's because a DDoS doesn't attack the server as much as the service. It simply floods the system with requests until it chokes. Someone did program the bot to do this and while this person didn't have to do anything yesterday—except pray that there were enough infected PCs out there (thanks to all of you) to make it happen—he certainly knew when it would happen.
Earlier in the week, other major sites, including LiveJournal and The Consumerist, were nearly laid low by a DDoS. Facebook got wobbly, too, yesterday, but somehow held up. The reason Twitter has been up and down is that the bots are continuing to work and may be programmed to switch up the ports they're attacking. So just when Twitter gets ahead of one, it's already mobilizing the attack on another.
All the while, you sit at home with your zombie PC wondering why you can't get to Twitter. I wonder why, too.