Attacks/Breaches
3/8/2012
12:01 PM

Facebook: DDoS Attack Didn't Cause European Outage

Facebook said technical issues caused downtime that made the site temporarily inaccessible in parts of Europe.

Facebook was intermittently unavailable across parts of Europe Wednesday, and at least one national security warning team said that it was due to a distributed denial of service (DDoS) attack.

"There is an ongoing DDoS attack towards Facebook. Accessing your Facebook account can temporarily fail," reported Belgium's Computer Emergency Readiness Team (CERT.be) via Twitter Wednesday.

Likewise, earlier that day, Icelandic member of parliament Birgitta Jonsdottir said via Twitter, "Facebook down in most of Europe, Egypt, Turkey, Russia: how about Asia, north and south America?" The site appeared to be suffering intermittent outages for users in some parts of the world for at least 12 hours, according to monitoring service downrightnow.

Facebook has blamed the outages on technical faults. "Today we experienced technical difficulties causing the site to be unavailable for a number of users in Europe," according to a statement released by Facebook. "The issue has been resolved and everyone should now have access to Facebook. We apologize for any inconvenience."

Facebook did not respond to a detailed request for comment about whether the outage had been traced to a DDoS attack, but the evidence has begun to look thin. Notably, CERT.be pushed a new tweet Wednesday calling into question its earlier analysis. "Just to be clear: CERT.be can't confirm #DDoS attack on #facebook. Our tweet this morning about #DDoS attack was based on earlier threats."

Facebook's last major downtime was in September 2010, when a lengthy outage was caused in part by error-handling routines in the social network's database software failing. Later that year, a Pages update also led to a short site outage.

This most recent outage came as Facebook prepares to go public with an IPO that will raise an estimated $5 billion, valuing the company at $75 billion to $100 billion. The initial stock sale is expected to happen this spring.

If security monitoring agencies seem overly quick to dub large-scale outages DDoS attacks, it's likely due to hacktivist collective Anonymous, as well as such offshoots as AntiSec, promising to continue their exploits in the wake of core LulzSec members being indicted for hacking, amongst other charges. Recently, hacktivists have taken down parts of Panda Security's website over the company's help in Interpol's bust of 25 accused members of Anonymous.

But there have been a number of recent exploits that turned out, upon further examination, to not be exploits. Notably, a January 2012 Transportation Security Administration memo detailed a December 2011 targeted hack that delayed trains for a short period of time. Industry officials, however, strongly disputed that assertion, saying that "there was no targeted computer-based attack on a railroad."

Likewise, in November 2011, the Department of Homeland Security's Illinois State Fusion Center warned that an Illinois water processing plant outage had been caused by a hack attack launched from Russia. Upon further investigation, however, DHS and the FBI said that the outage had been caused solely by a hardware failure. Meanwhile, the mystery Russian attacker turned out to be a legitimate U.S. contractor who'd been asked to log in and fix a problem, while he was vacationing in Russia.
