Grand National bets under threat from hacker ring
By Chris Nuttall, IT Correspondent
FT.com site; Feb 22, 2004
Online betting on the lucrative Grand National is under threat from hackers who are blackmailing internet bookmakers with demands for money.
If they are not paid, the hackers say they will launch a co-ordinated electronic attack that could cost the betting industry heavily in lost business in the run-up to Britain's premier betting event in April.
Leading online bookmakers are understood to have received e-mail threats to paralyse their websites. These follow similar threats prior to hacker attacks that have disrupted betting on other international sporting events. The culprits are believed to be criminal gangs in eastern Europe, where skilled programmers are in abundance and computer misuse laws are lax.
Security experts say the protection racket is beginning to spread to other areas of the online world, with insurance companies that offer policies over the internet among those targeted.
Assaults on offshore websites based in locations from Gibraltar to Antigua and used by US gamblers were launched in advance of American football's Superbowl this month. The "warnings" were followed by e-mails threatening that the attacks would continue and intensify unless sums ranging from $10,000 to $50,000 (?5,375 to ?26,875) were paid.
None of the companies targeted has admitted paying any money, although some offshore sites are believed to have given in to the demands in past attacks.
Representatives of more than a dozen offshore gambling sites met in Gibraltar this month to discuss a response to the threat to their fast-growing industry. Online betting is expected to increase from 1 per cent to 10 per cent of all gambling between 2000 and 2005, when it could be worth $15bn in western Europe, according to forecasts by Schema research agency.
The hackers' weapon is a Distributed Denial of Service attack, where targets are deluged with requests for information, slowing the website down to the extent of making it inaccessible to anyone wanting to place a bet.
Paddy Power, the Irish bookmaker, said its site was offline for hours this month when it suffered a DDoS attack along with other bookmakers. It said no money had been paid and the police had been informed.
Britain's National Hi-Tech Crime Unit has been investigating the extortion racket since assaults on UK and offshore betting sites were reported last autumn.
Detective Superintendent Mick Deats, head of operations, said: "It's not clear how much research they're doing, but there was an awareness it was the Superbowl and a good time to attack, and there's a continuous string of large betting events this year, including Cheltenham and Euro 2004 [football championship]."
Sites on the UK mainland have also been hit, according to Top Layer, an internet technology company that is supplying hardware to block such attacks.
An executive at one UK-based online bookmaker said: "We have put measures in place with our ISPs [internet service providers] to strengthen our defences."
By Chris Nuttall, IT Correspondent
FT.com site; Feb 22, 2004
Online betting on the lucrative Grand National is under threat from hackers who are blackmailing internet bookmakers with demands for money.
If they are not paid, the hackers say they will launch a co-ordinated electronic attack that could cost the betting industry heavily in lost business in the run-up to Britain's premier betting event in April.
Leading online bookmakers are understood to have received e-mail threats to paralyse their websites. These follow similar threats prior to hacker attacks that have disrupted betting on other international sporting events. The culprits are believed to be criminal gangs in eastern Europe, where skilled programmers are in abundance and computer misuse laws are lax.
Security experts say the protection racket is beginning to spread to other areas of the online world, with insurance companies that offer policies over the internet among those targeted.
Assaults on offshore websites based in locations from Gibraltar to Antigua and used by US gamblers were launched in advance of American football's Superbowl this month. The "warnings" were followed by e-mails threatening that the attacks would continue and intensify unless sums ranging from $10,000 to $50,000 (?5,375 to ?26,875) were paid.
None of the companies targeted has admitted paying any money, although some offshore sites are believed to have given in to the demands in past attacks.
Representatives of more than a dozen offshore gambling sites met in Gibraltar this month to discuss a response to the threat to their fast-growing industry. Online betting is expected to increase from 1 per cent to 10 per cent of all gambling between 2000 and 2005, when it could be worth $15bn in western Europe, according to forecasts by Schema research agency.
The hackers' weapon is a Distributed Denial of Service attack, where targets are deluged with requests for information, slowing the website down to the extent of making it inaccessible to anyone wanting to place a bet.
Paddy Power, the Irish bookmaker, said its site was offline for hours this month when it suffered a DDoS attack along with other bookmakers. It said no money had been paid and the police had been informed.
Britain's National Hi-Tech Crime Unit has been investigating the extortion racket since assaults on UK and offshore betting sites were reported last autumn.
Detective Superintendent Mick Deats, head of operations, said: "It's not clear how much research they're doing, but there was an awareness it was the Superbowl and a good time to attack, and there's a continuous string of large betting events this year, including Cheltenham and Euro 2004 [football championship]."
Sites on the UK mainland have also been hit, according to Top Layer, an internet technology company that is supplying hardware to block such attacks.
An executive at one UK-based online bookmaker said: "We have put measures in place with our ISPs [internet service providers] to strengthen our defences."
