Three separate outages appeared to hit Elon Musk’s X social media site Monday as he claimed it was suffering a ‘massive cyberattack.’
Downdetector.com first registered thousands of reports of trouble accessing or using the site around 5:30 a.m. ET. It took about an hour before those issues subsided.
Then, around 9:30 a.m., the issues appeared to flare up again, with as many as 40,000 outage reports detected. It again took about an hour for that incident to dissipate.
Finally, around 11:10 a.m., the issues cropped up again, according to Downdetector.
A representative for X couldn’t immediately be reached for comment.
Musk said Monday afternoon on X that there had been a ‘massive cyberattack’ against the site.
‘We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved,” he said. He didn’t post any evidence of a cyberattack.
Experts said the outage was consistent with a distributed denial of service (DDoS) attack, a rudimentary but sometimes effective hacker tactic to overwhelm a website with traffic, effectively knocking it offline.
Isik Mater, the director of research at NetBlocks, a company that tracks global internet connectivity, told NBC News that X had suffered intermittent outages since Monday morning. While establishing a DDoS attack with certainty can be difficult, Mater said, Musk’s claim was plausible.
“It’s difficult to be certain, but given the pattern of three observed outages, a denial [of] service attack targeting X’s infrastructure can’t be ruled out,” she said. “It’s certainly one of the longest X/Twitter outages in our records.”
Musk said in an interview Monday afternoon on Fox Business that the outage was due to “a massive cyberattack to try to bring down the X system with IP addresses originating in the Ukraine area,” a reference to internet protocol addresses. IP addresses, strings of numbers assigned to all internet-connected devices, include codes indicating their countries of origin.
Large DDoS attacks usually rely on large armies of hacked devices from around the world. The IP addresses of the devices used against X aren’t public, and they are unlikely to be a reliable indication of where the attacker was based.