Elon Musk confirmed yesterday that social media platform X was hit by a “massive cyberattack” affecting users since Monday, causing issues like the inability to view posts or profiles properly.
“There was (still is) a massive cyberattack against ,” he said. “We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved.”
DownDetector reported multiple waves of attacks, with tens of thousands of users experiencing outages. Speaking to Fox Business, Musk said the attack involved IP addresses from the Ukraine area and suggested it may have been carried out by a large group or possibly a nation-state.
However, Musk has offered no evidence to back up this claim, which Professor Ciaran Martin from Oxford University’s Blavatnik School of Government (and former head of the UK’s National Cyber Security Centre) told the BBC was “wholly unconvincing” and “pretty much garbage.”
However, Reuters reported that much of the traffic behind the attack actually came from the US, Vietnam, and Brazil, with little coming from Ukraine.
A hacker group called Dark Storm Team believed to have ties to Russia, has claimed responsibility, though other hacktivist groups have also claimed they were behind the attack.
Independent Verification Needed
J Stephen Kowski, Field CTO SlashNext, says determining the actual cause of outages requires independent verification, as it’s challenging to confirm cyber-attacks without direct access to the targeted infrastructure. “Major platforms typically face numerous attack attempts daily, making such claims plausible, though a group called ‘Dark Storm Team’ claiming responsibility on Telegram would need to be verified through advanced threat detection technology rather than public statements alone. The evidence from and from the attackers claiming credit appears very limited.” Kowski says for every company, there is a tradeoff between cybersecurity defense costs and revenue-generating activities, with most companies being a bit understaffed and under-resourced in their security operations.Cyberwar Hitting Full Force
Chad Cragle, CISO at Deepwatch, says is under relentless cyberattacks; 24/7/365. This far beyond simple DoS attempts, but rather full-scale DDoS assaults, combined with sophisticated botnet activity, credential stuffing, API abuse, and targeted application-layer attacks designed to cripple operations. While technical issues can happen, ’s engineers understand scalability and redundancy, Cragle adds. “This isn’t incompetence; it’s cyberwar hitting at full force. With Musk in the spotlight and political tensions at a peak, these attacks bear all the indicators of nation-state aggression. They’re throwing everything but the kitchen sink at , and others pushing for maximum disruption, downtime, and, if possible, data exposure.”Cybersecurity is an Investment
“Cybersecurity is not a cost, it is an investment,” ends Evan Dornbush, a former NSA cybersecurity expert. “Preventing breaches, DDoS attacks, and other business impacts is more cost-effective than dealing with the inevitable, highly public, aftermath of one. “In this volatile employment market, there’s no shortage of highly talented and respected engineers who can help.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.