NNSquad - Network Neutrality Squad
[ NNSquad ] Twitter outage was indeed DNS attack
Greetings. Twitter has not officially released details on last night's hacking-related outage of their Web site, other than to state that it was (as many of us suspected) a DNS-related attack. There are some other details floating around unofficially. Twitter's DNS services are provided by Dyn Inc.'s Dynect Platform. Dyn is insisting that their systems were not compromised and that nobody accessed Twitter's DNS data without appropriate (login) credentials. This suggests (but again, this is *not* confirmed) that Twitter's account on Dyn was somehow itself compromised, possibly through "social engineering" or other techniques that resulted in the attackers gaining login access to the Twitter account on Dynect, allowing them to change the associated DNS data. (From Dyn's standpoint, this could still be considered to be "appropriate login credentials.") It goes without saying that the "Iranian Cyber Army" hack page is almost certainly a fraud, and there are no indications that Iran actually had anything to do with this attack (breathless statements blaming Iran being made by some media points notwithstanding). By the way, I've seen this exact page resulting from various bot-based, non-DNS attacks in the past. Presumably more "official" statements about what transpired will be forthcoming at some point, after the finger-pointing slows down a bit. Of course this once again demonstrates the fragility of DNS, but that's hardly a headline news revelation at this stage of the game. --Lauren-- NNSquad Moderator