SciTechBlog   « Back to Blog Main
August 7, 2009

The Twitter attacks could be our fault

Posted: 02:46 PM ET

One lesson worth taking away from Thursday's social media shut-down is the fact that all of us can be complicit in cyber-attacks if we don't protect our computers.

The attack that shut down or caused glitches in several social media sites was aimed at a particular person. But whomever conducted the attacks used other peoples' computers to do so. These are ordinary people like you and me - and I'll bet many of them don't know they were part of the problem.

Twitter and Facebook say they were hit by a "denial of service" attack, which means a hacker or group of hackers infected a bunch of computers, got control of them, and then used them to overwhelm the sites.

It's hard for big sites like Twitter and Facebook to protect themselves from a denial of service attack.

But there are things you can do to make sure your computer doesn't turn into a hacker's pawn. Here are a few government links with helpful information:

Strengthen your password: Use different passwords for all of the sites you use (you can manage them with this service), and make them complicated so they're hard to crack.

Use anti-virus software: And be sure to keep it up to date.

Reduce spam: Before giving out your e-mail address online, look at the site's privacy policy.

I've gotten a bunch of questions lately about the security of user information on Twitter and Facebook. Both sites have e-mailed me statements saying that users' information was not compromised as part of Thursday's attacks.

But to protect yourself on social networks in general, here's another government site with some background and tips. The gist: don't give out information you wouldn't want everyone to see; and, again, use strong passwords.

Posted by:
Filed under: Facebook • Twitter


Share this on:
Carol Dean Sharpe   August 7th, 2009 3:30 pm ET

John, Some of us are getting weird messages from google when we try to access blogger pages. Is something similar happening there today? Is google just trying to protect itself?


Mike Klimentov   August 7th, 2009 10:39 pm ET

It may depend on the actual blogging websites. It shouldn't be a problem on googles part, and definitely not google trying to "protect itself".


Russell   August 8th, 2009 10:56 am ET

A DOS attack does not hack the servers. It just overwhelms them. It is the same thing if I have a shared file on my computer with other computers on my network. Say for instance though I get allot of request for that shared file on my computer, more than my PC can handle. Will my PC is either going to crash as it tries to deal with the demand or severely slow down and handle the request in groups at a time causing network timeouts for request that are still in que.

So you questioning Twitter and Facebook about user information being compromised was just useless. This is completely a different type of attack.


Russell   August 8th, 2009 11:07 am ET

One thing to add though is that I would of expected Twitter to handle the situation better or have a better back up. If you have a website with so many ways to post to it and that is that popular it should of been able to handle the DOS attacks as just normal traffic.

I bet Googles global traffic is about the same as the DOS. They handle the load with multiple servers.

I just think Twitters servers should of been able to shift the load or a resolve could of been found quickly. I heard Facebook only slowed down, so what does that say to Twitter which was unresponsive.


Koray   August 8th, 2009 2:43 pm ET

Strengthening your password, using anti-virus software, and reducing spam are the three most useless security tips I've ever heard.

If people want to really protect themselves, they first need to be educated on how exactly these attacks occur in the first place. For example, these stories of people breaking into others emails has zero, zilch, nothing to do with a bad password. This is just the assumption by non-technical users who don't understand a thing about how these attacks occur, or how they are even possible.


Jay   August 8th, 2009 5:26 pm ET

I totally disagree with the headline over this article. There is a HUGE difference in being complicit and being at fault. Just because so many users do not follow best practices for computer security does not mean they are to blame for the latest DOS attack on Twitter. You might as well blame Twitter and say the attacks were their fault for letting so many ignorant computer users sign up for their services. Get real, education is must for any computer user, but with today's society, people are just to busy to learn how to safely use a computer, drive a car, use a blender, etc. The solution is not to blame the people, we just make the computers, cars, appliances, etc, safer, so it will take less intelligence to use them.


pdl   August 8th, 2009 6:56 pm ET

Oh. The horror. The horror.
Will we be faced with actual discussions with actual human beings... even *gasp* face to face?

Such a panic over a minor loss of contact for a whole couple of hours.

IMHO, there are lots of folks out there in desperate need of getting a life.


Gen. Alexander Patch   August 9th, 2009 3:15 am ET

You forgot a very important step: keep all the software on your computer current with patches!


Yeah   August 9th, 2009 5:51 pm ET

Anti-Virus 101. If people are too ignorant to already know everything that has been said in this article then they deserve to be terrorised.


Jim   August 10th, 2009 2:28 am ET

Anybody remember Iran? Twitter helped report the story as it happened. This was a test by the Russian military to see if they could disable it when they need to.


Ryan   August 10th, 2009 3:35 pm ET

To Jay: They tried that once, it was called AOL and it sucked. People need to be smarter than the technology they use, maybe not faster, maybe not as good at high speed mathematical computations. but wiser for sure. there is power in control. That is why hackers can do what they do, they are smarter than you, and smarter than the software, they always will be.


TW   August 10th, 2009 9:36 pm ET

Koray, please educate us briefly on how we can best protect our computers.


Koray   August 11th, 2009 10:06 am ET

1) Always show file extensions for everything on you computer. Viruses are executables just like any other program, so if you're downloading a "picture" and its called "something.exe," you know its BS.

2) Make sure your secret questions to your emails don't suck. Malicious users can easily break into your account by using the "Forgot your password?" option which is on ALL email providers. How? Well almost all the information they need on it can probably be found on your social networking sites, especially Facebook. The only thing lacking usually is the the secret question, so make sure it isn't something like "What was your high school mascot?" That's easily something they can get off wikipedia

3) This is related to #2, be careful how information your share about yourself on social networking sites. It's so easily accessible, and it is also very easy to impersonate people on Facebook - in order to get access to a person's page so you can view their information. Every detail you share can be used against you.

4) If you have personal websites, for God's sake privatize your WHOIS.net account details? Don't know what that is? Basically if you register a site, and you own it, the registration details that you specified when you purchased it from the hosting provider, are immediately accessible PUBLICLY through the WHOIS.net database. Anybody with an itch against you automatically will know where you live, what your phone number is, everything. You can specify to the hosting provider that you would like this information hidden (it'll cost extra), or you can pay for other 3rd party services that will do the same thing for you.

Those are real security tips.


me   August 11th, 2009 12:55 pm ET

Honestly, people are better off without Twitter.


Alex H   August 13th, 2009 6:42 am ET

Twitter's down? Oh what a loss.... a load of twatters won't be twittering about nothing... more bandwidth for the rest of us!


rich   August 13th, 2009 11:39 am ET

NO NO NO.

FIREWALL. anti-virus are only as good as the firewall keep them out.Not to mention this is an 'AFTER' responce.Either don't open the email, don't run M$ email software, which by default INFECTS machines(say no to windows), or run something like ZONEALARM or ubuntu firewall(ufw on the command console)

KEEP IT OUT.KEEP file sharing OFF, THEN THEN use an anti-virus.Using this method my computer has not had a single virus, and only ONE BSOD since pre-1995.I have only had one virus scare on 8088 level programs since 1981.ONE.

All this talk about worm and crap and I have not been even near an affected system ONCE.Not to say these attacks are not real.They are.

Half the time botnets attack high speed cable lines with the cable company stopping them.FIREWALL. NEVER NEVER connect the line directly to the cable.dsl box.ALWAYS use a hard or wifi router and enable the SPI firewall. ALWAYS.

Sometimes I run behind TWO.Haven't had a single issue yet due to such.Been total stealth since pre-1995.Test with grc.com/shields up.

XP pre-SP3 will FAIL this test,BTW.


Leave Your Comment


 

CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.


subscribe RSS Icon
About this blog

Are you a gadgethead? Do you spend hours a day online? Or are you just curious about how technology impacts your life? In this digital age, it's increasingly important to be fluent, or at least familiar, with the big tech trends. From gadgets to Google, smartphones to social media, this blog will help keep you informed.

subscribe RSS Icon
twitter
Powered by WordPress.com VIP