Elinor Mills
(Credit: CNET)CNET security and privacy reporter Elinor Mills, who has been reporting on the Twitter, Facebook, and Google denial of service attacks since early Thursday morning, interviewed a Facebook executive who told her that the attacks appeared not to be aimed at Twitter or Facebook but toward an individual person who blogs about independence of a breakaway region of Georgia. But even though it was aimed at one person, the sheer size of the attack was enough to bring down Twitter and impact Facebook.
The podcast runs 4 minutes and 53 seconds.
Listen now: Download today's podcast
Of course you're not personally responsible for bringing down Twitter, but if your computer isn't equipped with up-to-date anti-malware software and the latest version of your operating system, you could unwittingly be part of the problem.
Twitter has confirmed that its outage Thursday morning and subsequent intermittent problems were due to an ongoing denial-of-service attack. Facebook also "encountered network issues related to an apparent distributed denial-of-service attack, that resulted in degraded service for some users," according to a company spokesperson.
Typically a DoS attack, which is often called a distributed denial-of-service attack, results when multiple computers simultaneously try to access the site in question. Usually the reason that happens is because the attacking PCs are infected with malware that does the dirty work for whoever is behind the attack.
As Symantec blogger Marian Merritt pointed out, "It's often the case that DDoS attacks come from computers infected with bots, turning them into zombie computers doing their cybercriminal's bidding. "
You can help prevent your PC from being part of such an insidious scheme by:
* Using a good anti-malware suite from a reputable vendor such as Symantec, TrendMicro, McAfee, ZoneAlarm, or CA. You can find trial versions of such programs as well as the excellent AVG-Anti Virus Free Edition at CNET's Download.com
* Making sure your operating system has the latest patches. Visit Microsoft and Apple security pages for information.
* Avoid clicking on e-mail links that take you to Web sites you're not familiar with (malware is often distributed through "drive-by downloads" from unreputable or infected sites).
Visit CNET's security center for more security news.
Podcast: Larry talks with CNET security reporter Elinor Mills about how the attack may have been aimed at a single individual who blogs about Georgia. The podcast runs 4 minutes and 53 seconds.
Listen now: Download today's podcast
Symantec's Kevin Haley says the malicious software responsible for attacking government and other sites in the U.S. and South Korea contains code that could turn against host PCs, erasing data and making the machines unbootable.
The attacks, which have been going on since July 4, have affected Web sites operated by several U.S. and South Korean government agencies including the U.S. Treasury Department and White House and the South Korean Ministry of Defense. Some company sites, including The Washington Post, have also been affected.
Like other distributed denial of service attacks, the actual PCs that are doing the attack are part of a "botnet." They have been infected with malicious software designed to carry out the attack. And, as CNET's Elinor Mills reported earlier, that same software could wipe out data on infected PCs.
Listen to Symantec's Kevin Haley discuss the risk:
Listen now: Download today's podcast
- prev
- 1
- next
