X Sees Widespread Outages Monday Following Cyberattack

Key Takeaways

• Outages on X: Users experienced significant disruptions on Monday morning, continuing into the afternoon, affecting login, profile viewing, and image loading.
• Downdetector Reports: Outage reports began emerging early in the morning EST, with three additional spikes recorded during the day. Functionality returned to normal around 2:30 p.m. ET.
• DDoS Attack: Experts believe the attack was a distributed denial-of-service (DDoS) attack, involving overwhelming traffic directed at the site. While some IP addresses traced to Ukraine, this does not conclusively identify the attack's origin.
• Unclear Source: U.S. officials have not yet identified the source of the attack. A pro-Palestinian hacking group, Dark Storm, has claimed responsibility and presented evidence via Telegram.

Deep Dive

Users of the social media site X experienced outages on Monday morning, continuing into the afternoon. They encountered issues with logging in, viewing posts and profiles, and loading images. According to Downdetector, an outage tracking site, reports of disruptions began to emerge in the early morning EST. Three additional spikes in outages were recorded throughout the day. The number of reports started to decline steadily around 2:30 p.m. ET, and the site largely returned to normal functionality.

X’s owner, Elon Musk, addressed the outages on the platform, stating, “There was (still is) a massive cyberattack against X. We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved.” Musk also appeared on Fox Business’s Kudlow later on Monday, claiming that the attack on X originated from “IP addresses in the Ukraine area.”

Musk’s comments regarding the attack have been met with some scrutiny from cybersecurity experts. Initial evidence points to the incident being a distributed denial-of-service (DDoS) attack, a method where large volumes of traffic are directed at a website, causing it to crash. Experts note that a DDoS attack typically involves compromising devices worldwide, which are then used to direct traffic toward the targeted site. While some traced IP addresses may have originated from Ukraine, it is not conclusive that all of them did.

Additionally, these IP addresses do not provide definitive information on the origin of the attack. Some experts have pointed out that the attack could indicate vulnerabilities in X’s cybersecurity, as DDoS attacks, while still common, are considered an older form of cyberattack. Nonetheless, DDoS attacks have seen an increase in frequency recently. However, officials have not yet definitively determined the origin of the attack. A pro-Palestinian hacking group, Dark Storm, has claimed responsibility for the attack and provided evidence on their Telegram channel.

Musk’s comments have also drawn criticism from Ukraine. Oleksandr Merezhko, head of Ukraine’s parliamentary foreign affairs committee, called the timing of Musk's remarks “very bad” in an interview with Newsweek, considering the ongoing talks between the US and Ukraine. The timing is also problematic for Musk, who heads the Trump administration’s Department of Government Efficiency (DOGE), as the cyberattack coincides with protests against DOGE and Musk, as well as vandalism at Tesla locations—another of Musk’s companies.

An official from the Trump administration, who spoke anonymously, reported that US officials have yet to determine the source of the attack.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.