Professionals have questioned Elon Musk’s assertion that hackers in Ukraine were responsible for a major X outage.
From users all around the world, platform watchdog Downdetector notes it had more than 1.6 million complaints of issues with the social media site on Monday.
Musk claimed in an interview with the Fox Business channel, “We’re not exactly sure what happened but there was a massive cyberattack to try and bring down the X system with IP [Internet Protocol] addresses originating in the Ukraine area.”
Professor Ciaran Martin of Oxford University’s Blavatnik School of Government told the BBC that explanation was “pretty much garbage” and “wholly unconvincing.”
Former head of the UK’s National Cyber Security Centre, Prof. Martin, claims X appeared to be targeted by what is known as a distributed denial of service (DDoS) assault, whereby hackers flood a server with internet traffic to stop people from accessing to a website.
“It’s not that sophisticated; it’s an ancient technique,” Mr. Martin said on Radio 4’s Today program.
“I can’t think of a company of the size and standing internationally of X that’s fallen over to a DDoS attack for a very long time,” he remarked.
The episode at X “doesn’t reflect well on their cybersecurity,” he said.
Loading symbols greeted many users attempting to access the platform and refresh feeds on its app and desktop website during Monday’s disruptions.
A frequent opponent of Ukraine and its president, Volodymyr Zelensky, Musk has provided no proof to back up his allegation and has not stated whether or not he believes state agents were involved.
He said on X, “Either a large, coordinated group and/or a country is involved”.
Prof. Martin noted, however, tracking IP addresses “tells you absolutely nothing,” since hackers in this context would take over machines from all around the globe.
The BBC has sought comments from the Ukrainian embassy located in Washington, DC.
Alp Toker, director of NetBlocks, which tracks web service connections, said his measurements indicated the failures were likely connected to a cyber attack.
He said to the BBC, “What we have been seeing is consistent with what we have seen in past denial of service attacks, rather than a configuration or coding error in the platform.”
On Monday, he claimed, the company had many significant disruptions spanning more than six hours, “each having a global impact”.
“This is among the longest X/Twitter outages we have tracked in terms of duration; the pattern is consistent with a denial of service attack aiming X’s infrastructure at scale,” he said.
Though these have not been verified, Musk has before alleged that DDoS attacks had attacked the platform.
X is a frequent target for disruptive and attention-seeking attacks, just as all big social networks.
But X has a history of declining owing to these attacks far more than other bigger sites like Facebook and Instagram.
To pressure Elon Musk into launching his Starlink service in their nation, a small gang of hackers known as Anonymous Sudan brought the website off-grid in more than a dozen countries for hours in 2023.
Two guys were arrested in 2024 for leading the gang; the case shows that, with the correct tools and knowledge, hackers may disrupt X with DDoS attacks from anywhere in the world.
According to Sian John, chief technology officer of cyber security company NCC Group, DDoS attacks—which are “an increasingly popular tool” for criminals are seeing a “sharp rise”.
She said, “Businesses that store significant volumes of sensitive data, like tech firms, financial institutions, and healthcare providers, are frequent targets.”
“Any company with an online presence is at risk, though.”
Extra reporting by Chris Vallance, Imran Rahman-Jones, and Joe Tidy.
