Elon Musk Points to Ukrainian Hackers in X Cyber Attack
Elon Musk has raised concerns over a significant cyber attack on his social media platform, X, suggesting that hackers based in Ukraine may be responsible. On Monday, countless users across the United States and the United Kingdom reported experiencing technical difficulties with the platform, as noted by Downdetector, which monitors website outages.
In a preliminary post on X, Musk stated that the incident involved “a large, coordinated group and/or a country.” He added, “We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved. Tracing…”
During an interview with Fox Business Network later that day, Musk expressed uncertainty about the specifics of the attack but indicated that it originated from IP addresses “in the Ukraine area.” The scale of the disruption was notable, with over 40,000 users in the US and at least 8,000 in the UK reporting outages. According to Downdetector, 56% of the issues were tied to the X app, while 33% were linked to the website.
This incident adds to the complexities surrounding Musk’s role in the ongoing geopolitical tensions, especially as the Trump administration, of which Musk is a part, continues to advocate for a ceasefire between Ukraine and Russia. On Sunday, Musk, who oversees the Department of Government Efficiency (often playfully referred to as Doge), claimed that the Ukrainian army’s entire front line would falter without his Starlink internet service.
In a related development, Ukrainian President Volodymyr Zelensky expressed his willingness to negotiate a minerals deal with the United States, aiming to establish a joint fund derived from the sale of Ukrainian minerals.
Expert Analysis on the Cyber Attack
Nicholas Reese, a cyber operations expert from the Centre for Global Affairs at New York University’s School of Professional Studies, stated that the notion of a state actor being behind the X outages “doesn’t make a lot of sense,” given the brief nature of the disruptions. He suggested that such an attack could serve as a warning for something more significant to follow.
Reese elaborated, “There are essentially two categories of cyber attacks: those intended to make a loud statement and those designed to remain under the radar. The most valuable attacks tend to be the quiet ones. This incident seems engineered for discovery, which likely rules out state actors. The benefits gained from it appear minimal.” He speculated that a group may have intended to make a statement by causing outages, but suggested that such temporary disruptions “aren’t particularly impactful” unless followed by further actions.
Alp Toker, director of Netblocks, an organization that monitors the connectivity of web services, provided insights to the BBC, stating that their metrics indicated the outages might be linked to a cyber attack. “What we observed aligns with patterns seen in past denial-of-service attacks, rather than a mere configuration or coding error,” he noted.
Toker highlighted that multiple significant outages occurred over six hours on Monday, each having a global impact. “This is among the longest X/Twitter outages we’ve recorded in terms of duration, and the pattern strongly suggests a denial-of-service attack targeting X’s infrastructure at scale,” he said.
The phrase “X outage” trended on rival social media platform BlueSky, where some posts welcomed users and encouraged them to stay engaged. Musk, who acquired the platform formerly known as Twitter in 2022 and also serves as the CEO of Tesla, continues to manage X while having access to US government data systems, often humorously donning a t-shirt that reads “tech support.”
In March 2023, the platform then known as Twitter faced a series of glitches lasting over an hour, during which links failed to work, some users were unable to log in, and images did not load for others.
