With the NFL season upon us this week, daily fantasy sports sites and participants alike are giddy for the most highly anticipated fantasy sports season on the calendar. What the DFS sites cannot afford is down time, which is exactly what happened about a month ago when DraftKings was the target of multiple Distributed Denial of Service (DDoS) attacks. DraftKings then went on the offensive and has now been given permission by a U.S. District Court judge to subpoena internet service providers to reveal the identities of the attackers.
DDoS Attacks Grind Sites to a Halt
In a DDoS attack, the perpetrator uses computers scattered around the world to flood a website/server with communications requests. Very often, the computers used don’t even belong to the attacker, but are instead taken over via some sort of malware or the like. Sometimes, the victimized site can sort out the bogus communications, but other times, the sheer volume and multiple sources of the attack just make it impossible.
Online poker rooms PokerStars and partypoker were recently victimized by DDoS attacks, seeing tables freeze, players having login problems, and players getting kicked off of tables.
In DraftKings’ complaint, filed in United States District Court District of Massachusetts, the company explained that the site was a target of a DDoS attack on August 7th at close to midnight Eastern time. Fortunately, DraftKings’ systems blocked it sufficiently and contests weren’t affected. On August 8th around noon, though, the DFS leader didn’t have such good fortune, as a follow-up DDoS attack jammed up the site.
DraftKings explained the extent of the attack in its complaint:
Plaintiff’s primary Website normally handles thousands of requests per second; during the Attack, Plaintiff’s Website faced a three-fold increase of requests per second. The Attack prevented legitimate DraftKings users from actively engaging with the Website.
DraftKings Taking Matters Into Its Own Hands
But DraftKings didn’t just defend its site; it went on the hunt for the culprits. Based on the IP addresses, DraftKings determined that more than three-quarters of the originating addresses were registered to ColoCrossing, which is a Buffalo, New York-based co-location and cloud services provider.
After numerous attempts to contact ColoCrossing resulting in no response, ColoCrossing finally told DraftKings that the IP addresses were leased by a site called HighProxies.com, based in Romania. DraftKings contacted HighProxies.com, but has not heard back.
DraftKings followed-up with ColoCrossing and its parent, Deluxe Corporation, to try to get more information about HighProxies.com so that it could protect itself from future attacks, but the companies wouldn’t help without a subpoena. Hence, the complaint that was filed on August 30th.
On Friday, Judge Mark Wolf granted DraftKings’ request and allowed it to subpoena the companies for the information it needs.
Though it is still the premier daily fantasy site, DraftKings has branched out into pure sports betting. It was the first to launch a mobile sports betting app in New Jersey, doing so in early August.
