UPDATE – Irish online betting site PaddyPower.com was hit by a distributed denial-of-service (DDoS) attack last night, the company has said. The company has confirmed that the “malicious attack”, which left the site offline for several hours, was part of an extortion attempt made against several online betting agencies.
PaddyPower.com didn’t suffer any material loss as a result, the company added, nor did it make any payment to end the attack. The matter has now been referred to police in the UK and the company is now working with ISPs, telecoms providers and other betting sites to try and prevent such DDoS attacks from happening again.
In a statement issued to customers, the company explained the attack in layman’s terms. “This sort of attack against internet-based businesses is akin to a huge number of people standing in the doorway to a shop blocking the entrance. Some customers will get in; the vast majority will not; the shop itself is functioning; just not every legitimate customer is guaranteed access.”
The IT department at PaddyPower.com said it worked with its internet service provider and the appropriate authorities to fix the situation. “We continue to make every effort to prevent this type of Internet attack to ensure best service to the customer,” the statement said.
The company pledged that all existing bets are still good and would be settled in the usual manner. It also moved to reassure punters about the security of its systems, saying that all account and betting information is completely safe and all its internal systems continued to operate as usual.
In its original statement to customers, PaddyPower.com gave no direct explanation for the attack but referred to the fact that several other web-based betting sites recently succumbed to similar attacks.
According to the reports, these incidents amount to a form of high-tech extortion: because DDoS attacks make sites inaccessible, directly affecting a company’s ability to make money, it is alleged that criminals threaten to jam the sites unless the victim pays a protection fee.
By Gordon Smith
