The Mirai DDoS attack that disrupted a large portion of the internet last week was the largest of its kind and has been confirmed to be the work of the Mirai botnet. On October 21, the botnet attacked the servers of Dyn, a company that controls much of the internet’s DNS infrastructure, taking out everything from social media to news sites, including Twitter, Netflix, and CNN.
Mirai harnesses the power of thousands of Internet of Things (IoT) devices, focusing them on a central server, or botnet, to boost the power of an attack and render a website non-operational. It first surfaced on September 20 when it attacked digital security news portal KrebsOnSecurity, overloading the site’s servers with requests at 620-gigabits-per-second, more than twice as much as anything security experts have seen before.
The attack on Dyn was greater still, with some reports suggesting it reached 1.2 terabits per second.
Online Poker Sites Vulnerable
Online poker sites have had to deal with DDoS attacks since the early days of the industry. Typically, these are launched during the height of an online tournament series, at a time when disruption will do the most damage, and are accompanied by a ransom demand.
Online sports books are particularly vulnerable to DDoS attacks because they are so reliant on big sporting events or race meets for a large portion of their revenues.
Last year, tech company Akamai reported that the online gambling sector had become the most frequently targeted of all by DDoS attackers.
But Mirai is something different altogether, and unfortunately for the online gambling industry, its coding has been posted online on hackers’ forums for anyone to access.
State Sabotage Unlikely
But it’s not just online gambling companies that should be worried.
As David Fidler, adjunct senior fellow for cybersecurity at the Council on Foreign Relations, told the UK’s Guardian this week:
“We have a serious problem with the cyber insecurity of IoT devices and no real strategy to combat it. The IoT insecurity problem was exploited on this significant scale by a non-state group, according to initial reports from government agencies and other experts about who or what was responsible. Imagine what a well-resourced state actor could do with insecure IOT devices.”
Business risk intelligence firm FlashPoint also dismisses rumors that the attack on Dyn was state-sponsored sabotage, calling the claims “dubious.” It was far more likely to be the work of kids linked to hackers’ forums causing mischief, particularly because the same attacker also separately targeted the servers of the video game RuneScape.
“While there does not appear to have been any disruption of service, the targeting of a video game company is less indicative of hacktivists, state-actors, or social justice communities, and aligns more with the hackers that frequent online hacking forums,” said Flashpoint.