Business Continuity/Disaster Recovery , Cybersecurity , Governance

Facebook Denies Hackers Caused Outage

Blames Brief Outage on Technical Problem
Facebook Denies Hackers Caused Outage

Facebook dismisses suggestions that its brief Jan. 26 website outage was triggered by a hack attack or U.S. blizzard conditions, and instead blames an internal technical error.

See Also: Bank Payment Clearance Vulnerabilities: Faster Payments, Faster Fraud?

"Many people had trouble accessing Facebook and Instagram," a Facebook spokeswoman tells Information Security Media Group. "This was not the result of a third-party attack, but instead occurred after we introduced a change that affected our configuration systems. We moved quickly to fix the problem, and both services are back to 100 percent for everyone."

The Facebook outage reportedly lasted for more than an hour for some users, and was not confined to the United States. Other apps and services that rely on Facebook - including photo-sharing site Instagram - were reportedly also knocked offline by Facebook's outage. But other apps that don't appear to use Facebook's services, including dating app Tindr, and the instant messaging programs and chat clients AIM and HipChat, also appeared to have been disrupted.

Facebook said the technical problem, which centered on its API servers and started Jan. 26 at about 22:10 PST, "was resolved at 23:10 PST and the site stabilized shortly afterwards," according to its developer's site. "We are sorry for any inconvenience this may have caused you and the users of your apps."

Facebook's statement on its disruption comes in the wake of - and refutes - the distributed-denial-of-service attack gang Lizard Squad appearing to take credit for the outage, via its Lizard Mafia Twitter account. The group posted the following message: "Facebook, Instagram, Tinder, AIM, Hipchat #offline #LizardSquad."

Some commentators used the Facebook outage to suggest that people rethink their social network habits. "I hope you all took advantage of the 35 second Facebook outage to Like a person in real life. #Faceboogeddon," tweeted media analyst Arthur Goldstuck.

"Facebook's been down for an hour and I've already written four novels and a symphony," tweeted Australian journalist "McGrumpypants."

Outage Triggered Further Disruptions?

Based on website outage information produced by multiple Internet-monitoring firms, the Facebook outage also appeared to coincide with - or perhaps trigger - disruptions in other services, including Akamai's content delivery network. "So if this is right, the FB outage was big enough that [its] knock-on effect caused a DDoS-like outage to its CDN, Akamai," tweeted Marc Rogers, a principal security researcher at DDoS defense firm CloudFlare. Akamai's disruption could explain why services that don't rely on Facebook - such as HipChat, AIM and Tinder - were reportedly also offline during the Facebook disruption, because all appear to use the Akamai CDN, Rogers says.

Akamai declined to comment on the analysis from Rogers. "By policy, Akamai does not comment on other companies' business," says Akamai spokeswoman Karine Gourdon. "That being said, Akamai services are performing as expected."

Lizard Squad Promises Data Leak

A tweet by Lizard Squad, which appeared to claim credit for the Facebook disruption, arrived less than 24 hours after the hacking group claimed credit for a Domain Name System compromise of the Malaysia Airlines website (see Malaysia Airlines Website Hacked). The hackers rerouted website visitors to a page that displayed the group's logo - a monocled lizard, wearing a top hat - together with a "404 - Plane Not Found" spoof error message.

Malaysia Airlines issued a Jan. 26 statement promising its customers that "user data remains secured" and said full service would be restored as DNS fixes slowly propagated globally. By Jan. 27, the site appeared to have been fully restored.

But Lizard Squad has disputed the airline's promise that the hack attack was limited to rerouting and defacing its website. "We would like to point out that @MAS is lying about user data not being compromised," the group tweeted. Lizard Squad also released travel itineraries for some Malaysia Airlines passengers - including one Malaysian government minister - that are reportedly authentic.

Lizard Squad, in a Jan. 27 tweet, threatened to release more stolen data stolen from Malaysia Airlines. While the group hasn't specified exactly what data it obtained from the airline, it has suggested that it pertains to corporate e-mails.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.




Around the Network