Someday after X went down for hours, safety researchers are throwing chilly water on Elon Musk’s public feedback about who may be behind the DDoS assault. On Monday, as X was nonetheless struggling to stay on-line, Musk mentioned in a put up that the positioning had been introduced down by a “large cyberattack” executed by “a big, coordinated group and/or a rustic.” Later that day, in an interview with Fox Information, he mentioned the assault concerned "IP addresses originating within the Ukraine space."
He by no means supplied proof for both declare. However, in a brand new report from Wired, safety researchers provided a really completely different view on the assault. Safety consultants interviewed by the publication mentioned that that they had seen little proof that Ukrainian IP addresses performed a big function within the DDoS assault, with one researcher saying the nation wasn’t even within the prime 20 international locations of origin concerned.
The report additionally means that, regardless of Musk’s assertion there have been “lots of sources” concerned, X might have inadvertently left its programs inclined to a DDoS assault just like the one which occurred Monday. “X origin servers, which reply to net requests, weren't correctly secured behind the corporate's Cloudflare DDoS safety and had been publicly seen,” Wired writes. “Because of this, attackers might goal them immediately. X has since secured the servers.”
Notably, this wouldn’t be the primary time Musk has blamed an unspecified “cyberattack” when confronted with an embarrassing failure of X’s programs. Final 12 months, Musk blamed a “large DDoS assault” for crashing a deliberate livestream with Donald Trump, who was operating for president on the time. Musk by no means defined how a DDoS assault might convey down just one function on the positioning. The Vergelater reported that there had been no such assault.
X didn’t reply to a request for remark.
This text initially appeared on Engadget at https://www.engadget.com/social-media/security-researchers-arent-buying-musks-spin-on-the-cyberattack-that-took-down-x-203402687.html?src=rss