The Real Reason Twitter Actually Went Down Sounds Pretty Embarrassing
During a Fox News interview earlier this week, multi-hypenate billionaire and X-formerly-Twitter owner Elon Musk blamed a "massive cyberattack" that repeatedly took down the site yesterday as coming from Ukraine. However, a closer look at the evidence reveals that Musk's claims are flimsy at best.
Musk claimed that "IP addresses" behind the attack originated in the embattled European nation. But experts told Wired that this is far from actual proof. "What we can conclude from the IP data is the geographic distribution of traffic sources, which may provide insights into botnet composition or infrastructure used," connectivity firm Zayo chief security officer Shawn Edwards explained.
"What we can’t conclude with certainty is the actual perpetrator’s identity or intent," Edwards added. One researcher claimed in an interview with Wired that Ukraine wasn't even in the top 20 IP addresses involved in the attack, casting doubt on Musk's assertion.
Pro-Palestine Hacking Group Takes Credit for Attack
Since then, a pro-Palestine hacking group called Dark Storm Team claimed responsibility for the attacks in now-deleted Telegram posts. This development raises questions about Musk's motives and whether state actors were indeed behind the attack.
Technical Oversights Expose Twitter to Vulnerability
Security researchers told Wired that several X origin servers, which are designated to respond to web requests, weren't secured by the company's Cloudflare protection. This glaring technical oversight allowed the hackers to target and exploit vulnerabilities in the system.
"The botnet was directly attacking the IP and a bunch more on that X subnet yesterday," independent security researcher Kevin Beaumont explained. "It's a botnet of cameras and DVRs." The ease with which the attackers were able to breach Twitter's defenses is concerning, especially considering the frequency of DDoS attacks targeting online services.
Experts Weigh in on the Attack
"There are kind of two types of cyber attacks — there are ones that are designed to be very loud and there are ones that are designed to be very quiet," cyber operations Nicholas Reese told the Associated Press. "And the ones that are usually the most valuable are the ones that are very quiet." "Something like this was designed to be discovered," he added.
"So to me that almost certainly eliminates state actors. And the value that they would have gained from it is pretty low," Reese explained. This assessment suggests that while the attack may have been sophisticated, its motivations and perpetrators remain unclear.
Anti-Musk Sentiment Raises Questions About Musk’s Claims
Musk has certainly made plenty of enemies with his embracing of extreme-right ideologies and plundering of the US government. The dealerships of his car company Tesla have been targeted with protests and vandalism across the country, indicating a massive flare-up in anti-Musk sentiment.
In other words, a DDoS attack against Musk's social media mouthpiece isn’t exactly surprising, regardless of who was behind it. It’s possible that Musk is trying to deflect attention from his own controversies by blaming an external entity for the attack.