Experts Dismiss Elon Musk’s Claim That X DDoS Attack Came From Ukraine


Elon Musk’s claim on Monday that a distributed denial-of-service (DDoS) attack on X (formerly Twitter) came from Ukraine has sparked skepticism among cybersecurity experts.

On Monday, X was hit with a large-scale attack that disrupted the platform worldwide. The attack was carried out by a group known as the Dark Storm, a hacktivist group responsible for similar cyber disruptions.

Musk later said in an interview with Fox Business that the attack had been traced to an IP address in Ukraine. However, cybersecurity professionals and tech-savvy users on X quickly pointed out that IP addresses are an unreliable way to determine where an attack came from.

They noted that attackers commonly use virtual private networks (VPNs), IP spoofing and stolen server credentials to mask their true location, making it nearly impossible to pinpoint the real source.

Why IP Addresses Can’t Be Trusted

Cyber experts warn that IP addresses can easily be manipulated. Microsoft Azure Software Developer Siri Vegiraju explains that attackers use methods like IP spoofing, in which they forge packets so that they appear to come from somewhere else.

They also send attacks through devices that are already infected and pose as anonymous sources worldwide.

Scott Renna, a Senior Solutions Architect with expertise in securing blockchain, also mentioned that DDoS attacks are decentralized, meaning they come from many different sources rather than any single place you can pinpoint definitively.

This makes it highly unlikely that the connections in an attack would consistently come from the same country.

How DDoS Attacks Are Carried Out and Prevented

DDoS attacks are now being sold as services. Some companies provide legitimate ‘stresser’ tools to test IT infrastructure. Others, however, provide illegal booter services through which people pay to carry out targeted attacks.

To defend against these attacks, cybersecurity teams often use methods like blackhole routing, which blocks all the traffic directed to a specific server during an attack, and geo-blocking, which restricts access from high-risk regions.

However, no solution is perfect. Even the best providers, like Cloudflare, warn that businesses also need to be prepared for potential failures.
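The trade-off between the two mitigations can be made concrete with a short Python sketch. It is an added example, not part of the original article: it applies blackhole routing and geo-blocking to a constructed set of flow records and counts what each one blocks. The flow counts, the country mix and the server names web-1 and web-2 are assumptions chosen for illustration.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src_country: str  # GeoIP result for the source address (may be a proxy or bot)
    dst: str          # server the flow is addressed to
    is_attack: bool   # ground truth, known only because this sample is constructed

def make(country, dst, is_attack, n):
    return [Flow(country, dst, is_attack)] * n

# Constructed sample: an attack on web-1 whose sources span five countries,
# mixed with legitimate traffic to web-1 and to an unrelated server, web-2.
FLOWS = (
    make("UA", "web-1", True, 30) + make("US", "web-1", True, 25)
    + make("BR", "web-1", True, 20) + make("DE", "web-1", True, 15)
    + make("VN", "web-1", True, 10)
    + make("US", "web-1", False, 20) + make("DE", "web-1", False, 10)
    + make("UA", "web-1", False, 5) + make("BR", "web-1", False, 5)
    + make("US", "web-2", False, 10) + make("UA", "web-2", False, 5)
)

def blackhole(victim):
    """Drop every flow addressed to the victim server, attack or not."""
    return lambda f: f.dst == victim

def geo_block(countries):
    """Drop every flow whose source geolocates to a listed country."""
    return lambda f: f.src_country in countries

def evaluate(flows, drops):
    """Count attack and legitimate flows that a drop rule blocks or passes."""
    tally = Counter()
    for f in flows:
        kind = "attack" if f.is_attack else "legit"
        tally[f"{kind}_{'blocked' if drops(f) else 'passed'}"] += 1
    keys = ("attack_blocked", "attack_passed", "legit_blocked", "legit_passed")
    return {k: tally[k] for k in keys}

if __name__ == "__main__":
    rules = [("blackhole web-1", blackhole("web-1")),
             ("geo-block UA", geo_block({"UA"}))]
    for name, rule in rules:
        print(name, evaluate(FLOWS, rule))
```

On this sample, blackholing stops the whole attack but also cuts off every legitimate user of web-1, while blocking a single country stops under a third of the attack and still drops legitimate users there.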

In the end, while the X attack remains unsolved, experts agree that Musk’s quick reaction, immediately linking the attack to Ukraine, fails to consider the full complexity of cyber warfare.