Just As Phil Nagy, the founder of the Winning Poker Network and American Cardroom, was holding a big tournament last summer, his network was struck by a powerful denial-of-service attack, which forced Nagy into postponing or scrapping various events. Across the busy Labor Day weekend, which was full of poker tournaments for ACR, the attack began on Thursday and didn’t stop until Saturday.
The outspoken CEO took the unusual step of recording himself talking vehemently to customers about the attacks and their impact in a YouTube video, and apologized for the “crap” incident, saying he knew how upset players would be. He also said that while the DDoS attack was happening, the attacker had made contact in the site’s live chat area, and someone had asked, “Why don’t you just go get a job?” The attacker replied, “I have a job. Another site pays me to attack you.”
A poll by the Kaspersky Lab last year of 4,000 company representatives in 25 different countries showed that two in five businesses (43%) believed their competitors were behind any DDoS attacks they had experienced. Smaller businesses were more likely to blame rivals than bigger companies. Respondents from big companies were more likely to blame foreign governments and disgruntled former employees.
“It is clear that businesses feel their IT systems and private data are under siege from all sides,” says Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “With DDoS attacks becoming so frequent and so crippling, many suspect their competitors are behind them, as they look for ways to put their rivals out of action and steal their customers as a result. With such underhand tactics only increasing, it is imperative that businesses up their game to stay protected and impenetrable to attack.”
DDoS-for-hire has become even more of a problem lately because launching an attack has been never so cheap or so easy.
Raj Samani, chief scientist at McAfee, told a Wired magazine conference in London in October that gaming sites weren’t the only victims. He shared a screen shot from twelve months previously showing a chat forum in which a ransomware attacker claimed they had been hired by an unspecified Fortune 500 company “to disrupt day-to-day business of their competition”.
John Graham-Cumming, CTO at Cloudflare, told The Financial Times that businesses that are busy at particular times of the year are especially vulnerable.
When Nagy was hit, he said he considered putting out a 10-bitcoin bounty to discover if the attack was indeed launched by a competitor. He said he wanted to talk about the DDoS attacks because maybe through discussing it, enough pressure would be built “to make it stop”. He also promised to build up his cyber defences to lessen the impact should the network get attacked again. Based on responses from social media, customers were mostly understanding.