Yesterday, at about 11am EST, a hashtag started trending on Twitter: #Facebookdown. The social media site and its sister, Instagram, were suffering an outage. Some users weren’t able to log in to their accounts at all while others were experiencing limited functionality.
It was the worst disruption to the platform since 2008 when Facebook user numbers were 150 million – compared with 2.3bn monthly users currently on the social network.
During and after the outage, speculation was rife about a cyber-attack. After all, the social network has had a bad year that has seen it be a victim of several successful hacks and data leaks.
Much of the speculation centres around whether Facebook could have been the victim of a distributed denial of service (DDoS) attack, where a website is taken offline because an attacker is flooding it with traffic. Facebook strongly denies this.
What we know so far
Facebook has responded. A spokesperson told me: “We’re aware that some people are currently having trouble accessing the Facebook family of apps. We’re focused on working to resolve the issue as soon as possible, but can confirm the issue is not related to a DDoS attack.”
If it wasn’t a DDoS attack, what else could it be? Suggestions range from a simple misconfiguration error, to a planned cyber-attack by a malicious actor.
The case for
Only time will tell the real reason for the outage, but experts don’t dismiss the idea that a malicious actor could be at fault. “Despite initial reports that the issues at Facebook and Instagram have been caused by an overloaded data server, there is still every possibility that these outages could be the result of malicious actors,” says Dr Max Eiza, lecturer in computing at the University of Central Lancashire.
Dr Eiza points out that it has previously “taken weeks” for tech giants to own up to the fact that system outages have been the result of DoS attacks (something which Facebook strongly denies). However, says Dr Eiza, until a full investigation has been conducted, it’s impossible to rule this out.
And even if this issue is the result of internal failures, Dr Eiza warns that there is still a chance that malicious actors could have seized this downtime to get hold of data. “There’s every possibility that the data of Facebook and Instagram users could be at risk.”
Edward Whittingham – a former police officer and qualified solicitor, who is now the MD of The Defence Works – is yet to be convinced by Facebook’s denial. “Facebook have flat out denied that their outage could be caused by a distributed denial of service attack but I’m yet to be convinced – especially given their very vague explanations,” he says.
Indeed, Whittingham says the outage “has all of the hallmarks of a DDoS attack”, given that the sole purpose of these types of attacks is to bring down entire websites.
This article originally appeared on Forbes