Experts have raised doubts about Elon Musk's claim that a large-scale outage on X was caused by hackers from Ukraine.
Platform monitor Downdetector recorded over 1.6 million reports of issues on Monday from users worldwide.
Musk, in an interview with Fox Business, suggested a cyber-attack targeted X, claiming it was from "IP addresses originating in the Ukraine area."
However, Ciaran Martin, a professor at Oxford University's Blavatnik School of Government and former head of the UK's National Cyber Security Centre, called this explanation "unconvincing" and "pretty much garbage." He believes the outage was likely due to a Distributed Denial of Service (DDoS) attack, a common technique where hackers overwhelm a server with traffic to block users from accessing a site. Martin emphasized that such attacks are "not sophisticated" and that X’s security should have withstood it.
During the outage, many users faced loading icons when trying to refresh feeds on the app and website.
Musk, who has criticized Ukraine and President Zelensky, has not provided evidence to support his claim, nor has he commented on whether state actors were involved.
While Musk suggested a "large, coordinated group and/or a country" may have been behind the attack, Martin argued that tracing IP addresses "tells you absolutely nothing," as hackers can use devices globally.
Alp Toker, director of Netblocks, which tracks web service connectivity, said the outages aligned with previous DDoS attacks rather than a platform error, noting the incident lasted over six hours with global impact.
Musk has previously claimed DDoS attacks against the platform, though none have been confirmed. X has been targeted by such attacks more frequently than other major sites like Facebook and Instagram. In 2023, the group Anonymous Sudan took the site offline in multiple countries to pressure Musk into launching Starlink in their region.
Sian John, CTO of cybersecurity company NCC Group, warned of a rise in DDoS attacks, noting that businesses with large amounts of sensitive data, like tech companies and financial institutions, are frequent targets—but any online entity is at risk.
Comments