What

When a social network is taken down by a distributed denial of service (DDoS) attack, it’s somewhere between “an inconvenience and real trouble” for an enterprise, according a security expert.

But there are other security breaches at sites like Twitter and Facebook that can be much more dangerous, said Vaclav Vincalek, president of Vancouver network support and security firm Pacific Coast Information Services Ltd.

Both Twitter and Facebook were brought under DDoS attacks Thursday morning.

The Twitter micro-blogging and social networking service was hit with a denial of service attack that rendered the site unavailable for users.

Twitter reported the attack in a post on its blog at about 11a.m.

“We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate,” the company said in a blog posting by Twitter co-founder Biz Stone.

In a status report about an hour following its acknowledgement of the attack, Twitter reported that the site was back up, but users still were having trouble reaching it. The site itself was down for about two hours before it resumed service, although Twitter remained under attack and warned users in another status update that as it recovered, users would experience “some longer load times and slowness,” as well as network timeouts.

The attack on Facebook did not appear to be as severe.

Facebook reported on its own Facebook profile Thursday that users may have had trouble accessing the site or its services because of the attack, but that the situation seemed well in hand by late morning in California, where the company is located.

“We have restored full access for most people,” the company reported. “We’ll keep monitoring the situation to make sure you have the reliable experience you expect from us.”

Users reported that Facebook was not loading properly or could not be accessed early Thursday, but the site seemed to be working properly by late morning.

The outages were only an inconvenience for most enterprises, but that could change, Vincalek said.

“In today’s environment, companies are using social networks to promote themselves,” he said. With the servers down, followers may miss corporate information that’s being sent out, and enterprises can’t monitor what’s being said about them.

Since there aren’t enterprise applications that are entirely dependent on Twitter, the outage isn’t a serious problem. However, if, in future, enterprises begin integrating Twitter into their workflow, that’s another story, he said.

And there’s the potential for loss if companies have made Twitter part of the sales channel, he said. Dell Computer Corp., for example, promotes deals on its PCs through Twitter; the channel accounts for several million in sales, according to Vincalek.

But social network attacks that don’t bring the site down are more dangerous, he said.

Hackers have managed to imbed malicious code in tweets, and enterprise users who are on the network can bring that code inside the firewall. The shortened URLs used in Twitter, for example, can be misleading and can take users to dangerous sites.

“You have no idea where the link is going,” he said.

“That’s where the immediate threat lies for organizations.”

Social networking sites “are not as concerned about security as, say, a banking site,” Vincalek said. “I’m not saying they’re oblivious … they have other things to worry about.”

— With files from Elizabeth Montalbano, IDG News Service (New York Bureau)

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Dave Webb
Dave Webb
Dave Webb is a freelance editor and writer. A veteran journalist of more than 20 years' experience (15 of them in technology), he has held senior editorial positions with a number of technology publications. He was honoured with an Andersen Consulting Award for Excellence in Business Journalism in 2000, and several Canadian Online Publishing Awards as part of the ComputerWorld Canada team.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now