DDOS attack slammed Twitter with 20 times normal traffic volume
NTT America, Twitter's Internet service provider, confirmed that the DDOS attack against Twitter has continued today, with huge waves of malicious requests crashing up against Twitter's now-activated defenses. The countermeasures seem to be working; on Friday evening, pages loaded on Twitter without an obvious lag. See earlier interview here.
An e-mail from Michael Wheeler, vice president of NTT America's Global IP Network, included the following update:
We can confirm that the attack has been ongoing and has varied in intensity. On Friday morning there was an increase in the intensity and the variables of the attack. At various times during the attack we have seen the levels of traffic rise between 15 and 20 times the normal traffic volume we have historically seen for Twitter.
Wheeler also expanded on Twitter's choice of security level, explaining that different types of business may require different levels of defense against such attacks:
Many Financial clients have regulatory requirements that require them to have certain levels of security, including DDoS related situations. In the case of Twitter, they are not required to maintain those same levels due to the nature of their business. Many clients use their own internal tools, external services, or a combination of services to address DDoS related attacks.
On the question of whether Twitter should have had a higher level of security protection, Wheeler said the following:
There is no way in hindsight to conclude what would or would not have minimized the impact of the attack due to the number of variables involved. Generally speaking, more security is better then less, but DDoS attacks vary in size and complexity so there is no way of knowing what may have lessened the impact after the fact.
-- David Sarno
Follow my variable-rate stream of tech and culture-related musings on Twitter: @dsarno