Why a DDoS attack did not take down Facebook

On March 13, Facebook suffered a significant outage, along with its subsidiary social media platforms WhatsApp and Instagram. This caused many people across the Internet to believe that the company had experienced a distributed denial-of-service (DDoS) attack. But it turns out that these people were entirely wrong.

Facebook + Instagram Crash

At the time of the outage, Facebook actually had to use Twitter to announce that, while it had not yet determined what caused the problem, it was certain that a DDoS attack was not the culprit. 

What actually happened to the websites was not clear at the time. At first, the company said that the issues were related to application programming interface (API) requests that were not functioning correctly. This led some experts to speculate that the problem may have been linked to a domain name system (DNS) problem or to a maintenance issue. The following day, however, the company indicated that the problem was actually related to a server configuration change that it had initiated, and that it had subsequently fixed it.

But even before the company issued this statement, it was clear to Internet security experts that a DDoS attack had not caused the outage. Troy Mursch, a security researcher who publishes the Bad Packets Report and closely follows attacks, said that there was no evidence whatsoever that an attack had brought down the sites and that his company had confirmed that there had been no such attack.

This does not mean that hackers do not attempt to attack Facebook. They do so all the time. Once they even gained access to 30 million user accounts. But the value in attacking the social media platform comes from accessing its data, not from shutting it down. What’s more, even if some hackers wanted to shut the website down, it is not clear whether they could actually accomplish this.

Primarily, a DDoS attack works by overwhelming a site with lots of web traffic, which makes it difficult, if not impossible, to load a web page or update an app. Such attempts are not uncommon. Last year, according to a network security firm called NetScout, hackers sent 1.7 terabits per second (Tbps) of data to a single website. In another attack, GitHub received 1.35 Tbps of traffic. But neither of these attacks actually brought their targets down.

According to Alex Henthorn-Iwane, the vice-president of a network security company called ThousandEyes, the reason that these attacks do not work on large websites is that the sites have massive amounts of bandwidth and connectivity at their disposal, so they can handle practically any traffic a hacker could conceivably throw at them. He further believes that these companies have designed their systems specifically to handle such attacks.

The most disruptive DDoS attacks in recent years have focused not on individual websites but on Internet infrastructure. In 2016, an attack shut down Internet services across large chunks of the U.S. East Coast by attacking a company called Dyn that handles DNS services, which typically do not require large amounts of resources. So, the company was not prepared for an attack.

Security experts believe that automatically associating website outages with attacks makes their job even more difficult. This is because, while they are trying both to determine what caused an outage and to get the truth out, they have to deal with a flood of misinformation over social media. They say that while hackers will continue to compromise large websites, people should understand that hackers are unlikely to be able to bring them down through DDoS attacks.

Isaac Adams-Hands

Full Stack Developer, Digital Marketer, and InfoSec enthusiast. He received his Bachelor’s Degree from the University of Western Sydney and his Business Diploma from Georgian College before joining various marketing positions in search portals, e-commerce, higher education, and addiction recovery services.
