Earlier this week, British police arrested two Polish men for their alleged involvement in a scheme to blackmail a Manchester-based online gambling site with the threat of an internet attack.
Piotr Smirnow, 31, and Patryk Surmacki, 35, were arrested at London’s Heathrow Airport on Wednesday and accused of threatening to render the website unusable by carrying out a DDoS (distributed denial-of-service) attack unless a ransom was paid.
DDoS attacks disrupt web-based businesses by flooding their machines with so much traffic that they become overloaded and unable serve requests by real customers. This can be especially devastating for online gambling operators who need to display real-time dynamic information on which bettors rely to make their decisions. “We’ve seen cases of gaming companies receiving anonymous threats saying that if they don’t contribute to some untraceable digital money bank, like BitCoin, they will be disrupted,” said Ashley Stephenson of the security firm Corero, in the IBTimes.
For bookmakers, downtime before a major sporting event can result in a huge loss of revenue. “Rather than risk being pulled offline and losing business, gambling sites often accept these threats as just another overhead and bow to attacker’s demands, which are often paltry when compared to the cost of prolonged site downtime,” Stephenson says. “These attacks go beyond simple annoyance,” she added, “with an average cost of over Â£150,000 ($233,497) per DDoS attack.”
Recent cases like this highlight what has become a common headache for online gambling operators. “The standard methodology is to preface the threat with some minor incursion on the network. Then follows the warning message: check your logs… unless you pay us a very large amount of money, we’ll bring your network down,” said Stephenson.
Perpetrators of such attacks rely on botnets: thousands, or even millions of computers unknowingly infected with malware and enslaved to a host that uses them to bombard a website with traffic. Launching such attacks is technically complex, but now, anyone can rent a botnet for a reasonable rate from one of the web’s many criminal underground marketplaces.
Small- and medium-sized businesses often fall victim to hackers due to the fact that they don’t budget for DDoS protection. “Denial of service attacks have become increasingly common offenses in recent years and can have a devastating effect on the victim’s online business or presence,” said Detective Chris Mossopof the Greater Manchester police on Facebook. One survey suggests that one in five businesses in the U.K. had been disrupted by a DDoS attack in 2012.
While these type of attacks are usually only waged against public companies, there have been recent reports of high-stakes poker players being targeted as well.
Using a DoS (denial-of-service) attack against a specific IP address, a player can effectively knock his opponent offline, forcing him to time out and forfeit a big pot. Unlike distributed denial-of-service exploits, DoS attacks are much easier to carry out, and can be launched by anyone with even basic technical knowledge using software freely available on the internet.
In June, players became suspicious of user JizzTriggeron PokerStars, who reaped the benefits of multiple well-timed disconnects and went on a 14-game heater playing fast-structure heads-up sit and gos.
The perpetrators of the alleged disconnects likely acquired their victims’ IP through a flaw in the chat program Skype, which is used widely throughout the poker world. The exploit, which has now been patched, allowed anyone to look up the IP address of any Skype customer using a web-based service without even being added to their “Friends” list. PokerStars said it is currently investigating the matter.
While the average poker player runs a very small risk of falling victim of such attack, online businesses will continue to play defense against hackers looking for an easy payday. As one security expert said, “I wouldn’t say it’s routine yet, but it’s expected. It’s the cost of doing business on the internet.”