Elon’s Excuses

In today’s unpredictable tech landscape, surprises are the norm. Share prices are up and down like a yo-yo, and your negotiation position might be exposed by your ally as “you don’t have the cards right now”.

Yet I never expected this. Silence reigned, and you could hear a pin drop. X went down. 

The Outage

As X went down users found themselves unable to espouse the need for “more masculine energy”. A disaster!

So, Elon Musk came up with the cause. Ukraine, although security experts have called that explanation “garbage”and it makes me wonder why software developers sometimes look for somewhere else to point the finger.

Now, blaming a massive social media outage on foreign hackers sounds dramatic, but it’s also incredibly convenient. It shifts attention away from the real issue. Why did X collapse under a Distributed Denial of Service (DDoS) attack in the first place? Every major platform, from Facebook to Google, deals with these attacks regularly. Yet, X, a multi-billion-dollar tech company, just crumbled. That’s embarrassing. That’s something that needs to be fixed.

The Playbook

Blame, deflect and repeat as a blame playbook.

Instead of admitting a failure in their infrastructure, Musk went on TV and threw out a geopolitical conspiracy theory. Because, of course, he did.

Let’s break down the timeline of events:

1. X goes down worldwide, with 1.6 million outage reports.

2. Musk, with no evidence, claims it was a cyberattack from Ukraine.

3. Security experts say that’s nonsense. DDoS attacks are old news, and X should have protection in place for such events.

4. Musk vaguely doubles down, saying it was a “large, coordinated group and/or a country”.

5. The internet collectively shrugs because Musk’s blame game is as predictable as a bad sprint planning meeting.

This isn’t new. Tech companies, software developers and visionary billionaires love to blame outages on hackers, foreign interference, or some mystical unforeseen issue. 

The problem comes where it is their own poor infrastructure, lack of preparedness, or cost-cutting measures that made things vulnerable to such attacks. Could Musk’s layoffs have been to blame?

What Software Developers Can Learn from This Mess

For those of us who work in tech, there are some clear takeaways.

You Should Be Ready

Facebook, Google, and Amazon deal with DDoS attacks and are generally successful in mitigating them. When is the last time any FAANG company went down for hours at a time?

So, if a platform is built properly, such attacks should be a minor annoyance, not a catastrophic failure. Platforms should be aware of possible problems and have mitigation strategies that are ready to go.

That risk register? It is useful, and it should be ready to go when something important happens.

Cutting Costs on Reliability is a Disaster Waiting to Happen

X gutted its engineering teams. The result? A service that can’t withstand a basic attack. If your company is cutting the people who maintain reliability and security, start polishing your résumé.

People Don’t Always Tell the Truth

Security experts pointed out that just because an attack “appears” to come from a region doesn’t mean that’s where it originated. If you’ve ever used a VPN, you already understand this better than Musk seems to.

I do actually believe he knows the truth on this one. I think he has his own agenda to follow and that’s helped by telling people that he knows where such an attack is from — even if the truth is slightly more nuanced than this.

Tech Leaders Love Their Scapegoats

If a high-profile outage happens, watch how quickly executives point fingers. The real reason for an outage is usually something mundane.

If you tell the press it was a misconfiguration, a failure to scale, or someone pushing an update at 2 AM on a Friday you won’t get headlines. You might also get some difficult to answer questions.

Don’t Work for a Company That Lies About This Stuff

If you’re in the trenches writing code and dealing with site reliability, nothing is worse than watching your company’s leadership go on TV and spew nonsense. It erodes trust, internally and externally. If your company can’t be honest about why things fail, they’re probably lying about other things too.

Conclusion

Cybersecurity is hard. Infrastructure is complex. But at the end of the day, honesty matters. X didn’t go down because of some secret Ukrainian cyber war. It went down because X was unprepared.

So, if you work in tech? Keep an eye on your own company. When the next outage hits, see if your leadership owns up to it. They’ll probably not do this and will instead look for someone else to blame.