Attacks/Breaches
3/8/2012
12:01 PM
Connect Directly
RSS
E-Mail
50%
50%

Facebook: DDoS Attack Didn't Cause European Outage

Facebook said technical issues caused downtime that made site temporarily inaccessible in parts of Europe.

Top Technology Venture Capitalists
Facebook Apps In Action
(click image for larger view and for slideshow)
Facebook was intermittently unavailable across parts of Europe Wednesday, and at least one national security warning team said that it was due to a distributed denial of service (DDoS) attack.

"There is an ongoing DDoS attack towards Facebook. Accessing your Facebook account can temporarily fail," reported Belgium's Computer Emergency Readiness Team (CERT.be) via Twitter Wednesday.

Likewise, earlier that day, Icelandic member of parliament Birgitta Jonsdottir said via Twitter, "Facebook down in most of Europe, Egypt, Turkey, Russia: how about Asia, north and south America?" The site appeared to be suffering intermittent outages for users in some parts of the world for at least 12 hours, according to monitoring service downrightnow.

Facebook has blamed the outages on technical faults. "Today we experienced technical difficulties causing the site to be unavailable for a number of users in Europe," according to a statement released by Facebook. "The issue has been resolved and everyone should now have access to Facebook. We apologize for any inconvenience."

[ You never know where hackers will strike next. Read Sony Suffers Michael Jackson Song Hack Attack. ]

Facebook did not respond to a detailed request for comment about whether the outage had been traced to a DDoS attack, but the evidence has begun to look thin. Notably, CERT.be pushed a new tweet Wednesday calling into question its earlier analysis. "Just to be clear: CERT.be can't confirm #DDoS attack on #facebook. Our tweet this morning about #DDoS attack was based on earlier threats."

Facebook's last major downtime was in September 2010, when a lengthy outage was caused in part by error-handling routines in the social network's database software failing. Later that year, a Pages update also led to a short site outage.

This most recent outage came as Facebook prepares to go public with an IPO that will raise an estimated $5 billion, valuing the company at $75 billion to $100 billion. The initial stock sale is expected to happen this spring.

If security monitoring agencies seem overly quick to dub large-scale outages as DDoS attacks, it's likely due to hacktivist collective Anonymous, as well as such offshoots as AntiSec, promising to continue their exploits in the wake of core LulzSec members being indicted for hacking, amongst other charges. Recently, hacktivists have taken down parts of Panda Security's website, over its helping Interpol to bust 25 accused members of Anonymous.

But there have been a number of recent exploits that turned out, upon further examination, to not be exploits. Notably, a January 2012 Transportation Security Administration memo detailed a December 2011 targeted hack that delayed trains for a short period of time. Industry officials, however, strongly disputed that assertion, saying that "there was no targeted computer-based attack on a railroad."

Likewise, in November 2011, the Department of Homeland Security's Illinois State Fusion Center warned that an Illinois water processing plant outage had been caused by a hack attack launched from Russia. Upon further investigation, however, DHS and the FBI said that the outage had been caused solely by a hardware failure. Meanwhile, the mystery Russian attacker turned out to be a legitimate U.S. contractor who'd been asked to log in and fix a problem, while he was vacationing in Russia.

The effort to achieve and maintain compliance with Sarbanes-Oxley requirements remains one of the primary drivers behind many IT security initiatives. In our Security Via SOX Compliance report, we share 10 best practices to meet SOX security-related requirements and help ensure you'll pass your next compliance audit. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2886
Published: 2014-09-18
GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during ins...

CVE-2014-4352
Published: 2014-09-18
Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.

CVE-2014-4353
Published: 2014-09-18
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.

CVE-2014-4354
Published: 2014-09-18
Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.

CVE-2014-4356
Published: 2014-09-18
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.

Best of the Web
Dark Reading Radio