
In this blog series we spotlight one of the stories from our cybersecurity newsletter, Beacon.
On March 10th, social media platform X experienced intermittent outages, which owner Elon Musk attributed to a large and coordinated cyberattack. Musk stated “We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved.”
Downdetector, a website that monitors outages on various sites and platforms, reported thousands of outages, with an initial spike at around 5:45 am and a second surge continuing until midday, which affected users on the X mobile app. Over 39,000 users in the U.S. were blocked from accessing the platform at 10 am ET, according to Downdetector. By 5 pm, however, reports of outages had decreased to around 1,500 users.
An anonymous source in the internet infrastructure industry said X was hit by several waves of distributed denial-of-service (DDoS) attacks starting around 9:45 UTC. DDoS attacks work by overwhelming a target website with more traffic than it can handle, so users are unable to access the site.
Musk later claimed the cyberattack originated from IP addresses in the Ukraine area. However, an anonymous industry source disputed this, stating that much of the DDoS traffic came from IP addresses in the United States, Vietnam, Brazil, and other countries, and that traffic from Ukraine was “insignificant.” DDoS attacks are difficult to trace, and the IP addresses that are traced rarely point to the cybercriminals themselves.