Online poker rooms were under attack again this past weekend, but it wasn’t from Sheldon Adelson and his hangers-on (well, I guess we don’t know this FOR SURE…). This time, unfortunately, a number of poker rooms were once again the targets of Distributed Denial of Service (DDoS) attacks, rendering their games unplayable for a few days.
Betfair officially confirmed that its family of websites as well as its sportsbook and betting exchange were down because of a DDoS attack yesterday. Fortunately, it does appear that the company’s tech team successfully solved the problem and everything is back to normal.
Unibet was also the victim of a similar attack. PokerStars, the world’s largest online poker site, has not confirmed that it was targeted, but considering most Stars customers either experienced login problems, severe lag, disconnections, and cancelled/suspended tournaments from Friday through Monday, a DDoS attack is likely.
Another hint that PokerStars’ problems have been more than just software issues or run-of-the-mill server problems was that even as PokerStars technicians have been tackling the problem, one of its hosts, Manx Telecom on the Isle of Man has no connectivity, even today. The other five hosts are showing 100 percent connectivity, but considering how many problems people are having, it looks like much of their customers’ data is trying to flow through the downed host.
Put as simply as possible, a Distributed Denial of Service attack is when two or more people (hence the “distributed” part of the phrase) flood a machine – in this case, the online gaming server – with communications requests. These illegitimate requests prevent the machine from being able to properly handle real requests, slowing traffic to a crawl. When the bogus requests get bad enough, the servers can get so weighed down that they crash.
There are a few aspects of DDoS attacks that make them difficult to stop. First, the communications from the attacking machines are often hard to differentiate from legitimate requests. Thus, it is not easy to simply block or filter out the false requests. Second, the “distributed” nature of the attacks make them difficult to trace. If the attackers have set up several source machines around the world, good luck figuring out where the bad traffic is originating. And third, of course, the sheer amount of bad traffic can simply overwhelm a machine, even if the machine’s protections are solid.
This is not the first time poker sites have been targeted. One of the most recent notable attacks occurred in December, when the Winning Poker Network (WPN), a network that still accepts U.S. customers, had to cancel its ambitious million dollar guaranteed tournament because of a DDoS attack. The network had been attacked a week before the tournament, but was lulled into a sense of false security when the attacks stopped a few days before the event. Network officials tried to keep the tournament going for a while, pausing it twice to try to give technicians time to fix the freezing tables and player timeouts, but the decision was finally made to cancel the tournament and refund everybody’s buy-ins and fees.