At roughly 9:00am (EDT) this morning, the Twitisphere fell silent (or at least significantly fewer twitters).
And though you could not follow the outage via tweets, Twitter’s blog announced the popular site was under DDoS.
The below graph shows Observatory data from 55 providers around the world to Twitter’s two NTT hosted addresses blocks: 220.127.116.11/16, 18.104.22.168/16.
From the data, Twitter traffic declined abruptly around 9am EDT this morning.
We generally don’t see a lot of data (i.e. it takes thousands of tweets to match the bandwidth of a single video), but 55 ISPs in the Internet Observatory were exchanging roughly 200 Mbps with Twitter before the DDoS. Then traffic dropped to a low of 60 Mbps around 10:40am and began climbing after that. As of 1pm EDT, Twitter traffic was still down by 50% at 150 Mbps (normally we see close to 300 Mbps for this time of day).
From DNS, it looks like Twitter has moved some of their infrastructure to different address blocks as of 2pm EDT.