Attacks/Breaches
3/8/2012
12:01 PM

Facebook: DDoS Attack Didn't Cause European Outage

Facebook said technical issues caused downtime that made the site temporarily inaccessible in parts of Europe.

Facebook was intermittently unavailable across parts of Europe Wednesday, and at least one national security warning team said that it was due to a distributed denial of service (DDoS) attack.

"There is an ongoing DDoS attack towards Facebook. Accessing your Facebook account can temporarily fail," reported Belgium's Computer Emergency Readiness Team (CERT.be) via Twitter Wednesday.

Likewise, earlier that day, Icelandic member of parliament Birgitta Jonsdottir said via Twitter, "Facebook down in most of Europe, Egypt, Turkey, Russia: how about Asia, north and south America?" The site appeared to be suffering intermittent outages for users in some parts of the world for at least 12 hours, according to monitoring service downrightnow.

Facebook has blamed the outages on technical faults. "Today we experienced technical difficulties causing the site to be unavailable for a number of users in Europe," according to a statement released by Facebook. "The issue has been resolved and everyone should now have access to Facebook. We apologize for any inconvenience."

Facebook did not respond to a detailed request for comment about whether the outage had been traced to a DDoS attack, but the evidence has begun to look thin. Notably, CERT.be pushed a new tweet Wednesday calling into question its earlier analysis. "Just to be clear: CERT.be can't confirm #DDoS attack on #facebook. Our tweet this morning about #DDoS attack was based on earlier threats."

Facebook's last major downtime was in September 2010, when a lengthy outage was caused in part by error-handling routines in the social network's database software failing. Later that year, a Pages update also led to a short site outage.

This most recent outage came as Facebook prepares to go public with an IPO that will raise an estimated $5 billion, valuing the company at $75 billion to $100 billion. The initial stock sale is expected to happen this spring.

If security monitoring agencies seem overly quick to dub large-scale outages as DDoS attacks, it's likely due to hacktivist collective Anonymous, as well as such offshoots as AntiSec, promising to continue their exploits in the wake of core LulzSec members being indicted for hacking, amongst other charges. Recently, hacktivists have taken down parts of Panda Security's website over its role in helping Interpol bust 25 accused members of Anonymous.

But there have been a number of recent exploits that turned out, upon further examination, to not be exploits. Notably, a January 2012 Transportation Security Administration memo detailed a December 2011 targeted hack that delayed trains for a short period of time. Industry officials, however, strongly disputed that assertion, saying that "there was no targeted computer-based attack on a railroad."

Likewise, in November 2011, the Department of Homeland Security's Illinois State Fusion Center warned that an Illinois water processing plant outage had been caused by a hack attack launched from Russia. Upon further investigation, however, DHS and the FBI said that the outage had been caused solely by a hardware failure. Meanwhile, the mystery Russian attacker turned out to be a legitimate U.S. contractor who'd been asked to log in and fix a problem, while he was vacationing in Russia.
