Showing posts with label twitter attack. Show all posts
Showing posts with label twitter attack. Show all posts

Thursday, August 06, 2009

Twitter attack a national security issue



More at Zennie62.com | Follow me on Twitter! | Get my widget! | Visit YouTube | Visit UShow.com

A funny thing - well ok, not so funny thing - happened this morning at 6 am while I slept comfortably and soundly: Twitter was down. Something called a "Denial of Service" which resulted in this message according to TechCrunch:

We are defending against a denial of service attack, and will update status again shortly.

As of 8:16 PST Twitter was up again, and seems to be fine now, but they're still defending against the attack! What does all this mean? It signals just how vulnerable these small business private sector Internet systems are, and this is a matter of national security. It's far beyond Twitter Phishing, which I talked about here:



...but it underscores the point that Twitter is the constant focus of some kind of attack.

Let's not forget that for all of its 44 million visitors last month and its powerful role in the Iran protest, the San Francisco-based company is a small one with just 29 employees, no constant revenue stream, and a bed of venture money. If I told you a company of that size was actually the communications hub for much of America and the industrialized world, you'd laugh at me. But that's the case.

It's also why making sure Twitter consistently works and is impervious to future attacks is a national security issue. Remember how The U.S. State Department contacted Twitter to convince them to change their maintenance schedule as it happened during the Iran protest? Do you have any idea how many people have been saved, helped, or advanced by the existence and operation of Twitter? It's become the modern telephone (ironically one can access it with a phone) for our society.

In my view, Twitter should want, and the U.S. Government should be open to, some level of investment and assistance in creating a powerful backup system and a better method of data protection. I write this because Twitter has had problems with "server stress" in the recent past and even though the link to MG Sigler's Venture Beat post refers to a problem in 2008, there have been others since then.

Then there's the matter of protection of information.

During Easter of this year a teenager attacked Twitter with a worm (a self-copying computer program or "bot"). In July a hacker called "Hacker Croll" broke into the personal accounts of a number of Twitter employees. That led to a "document leak fiaso" where Twitter information was spread around the Internet. TechCrnuch's Michael Arrington was sent copies of a number of emails between Twitter staffers, and while he did an excellent job of sharing his new gift with Twitter, the fact that this information was sent to him means that others may have gotten it too. What kind of information was gotten? According to TechCrunch, basically all that comprises the lives of the Twitter employees who were effected:

1) the complete list of employees
2) their food preferences
3) their credit card numbers
4) some confidential contracts with Nokia, Samsung, Dell, AOL, Microsoft and others
5) direct emails with web and showbizz personalities
6) phone numbers
7) meeting reports (very informative)
8) internal document templates
9) time sheet
10) applicant resumes
11) salary grid


Hacker Croll got a lot of information, which which may have led to today's attack if it was spread around.

Who is Hacker Croll?

According to BlogPirate, Hacker Croll is a Frenchman and that's not his real name; it's his "handle", his fake name. Moreover, he's not the diabolical genius you might think he is, he actually just plain guessed at the answer to a secret question assigned to the account of a single Twitter employee!

Hacker Croll said he didn't want to really harm Twitter or its employees, just show how vulnerable they were. Nice wake up call for Twitter, but I'm not sure Hacker Croll got the job offer he may have been looking for from them!

While it's not clear that what Hacker Croll did directly led to today's "Denial of Service" attack, it's certainly clear that Twitter needs a dramatically beefed-up security system if only to protect the many millions of people who use it. But more important, a country like Iran is certainly looking at these developments with interest and has a reason to like what they see. That's why Twitter's protection is a national security issue of top priority.