Saturday, August 8, 2009

Do Attacks on Twitter Usher in New Age of Cyberwar?

Over the past few days, there has been trouble in Twitter-land. A wave of cyberattacks directed at Facebook and Twitter have caused outages, delays, and the inability to post. For some, this has simply meant that they cannot send out Twitter posts (tweets). I think these outages represent something far more: They are a proof of concept that may have far larger consequences.

If you have not been following the story, hackers first sent out a huge wave of spam email disguised (spoofed) as coming from "Cyxymu," who is a blogger in the former Soviet Union country Georgia. This damaged his online reputation. Next, the hackers focused on sending waves of junk requests to the servers that power Twitter, LiveJournal, Facebook, and YouTube, effectively rendering them temporarily useless, and making it impossible to post to Twitter, whose defenses were not up to the same level as some other companies. This isn't so bad if all you are posting is, "Going to the grocery store now." But Twitter posts are often far more than that.

Weeks ago, turmoil in Iran demonstrated how Twitter could be used as a virtually unstoppable means of communication. People organized, updated and got their news out to the rest of the world by using 140-character bursts of information. The government could shut down or control the phone systems, television, radio, newspapers, and other "traditional" media. But the tweets continued, and the word went out.

In directing attacks against social media, the hackers (it's still unclear exactly who, but pro-Russia, it appears, in the Georgia-Russia disputes) managed to disrupt people's ability to tweet or to post updates to Facebook, effectively jamming those sources of information as one might jam radio communications back in the bad old days of the Cold War. This means that a government, if connected with the "right" people, could shut down the social media as well as radio and TV.

This is a turning point. This is a new world. When large networks of compromised computers (botnets) can be focused on a Distributed Denial of Service (DDoS) attack to shut down—or slow down—communications at will, we are in danger of losing the latest means of real-time peer-to-peer information sharing.

Things did not (in my view) turn out well in Iran, but we heard about what was going on while it was going on. I think that next time, wherever and whenever it occurs, things will be different.

Give it some thought.

No comments:

Post a Comment