Denying intelligence

As the cost of mounting a distributed denial of service attack has reduced to almost nothing, victims stand accused of failing to report attacks and providing the opportunity for criminals to go undetected. In just a few years, the website known as the Winning Poker Network (WPN) has made remarkable progress, jumping from 45th place on the global online poker platform rankings to seventh, only a few places behind many of the biggest names in the gambling industry. But last September, with WPN seemingly destined to continue its rapid rise, the site was crippled by a series of cyber attacks. For three days the WPN platform was effectively disabled, forcing many events to be cancelled and others, including a tournament with a multi-million-dollar prize, to be postponed. Thousands of confused, disappointed and often angry players demanded and received refunds on their entry fees. During the height of the difficulties, a few loyal players were discussing the issues in chat rooms attached to the site and found themselves ‘chatting’ with the hacker supposedly responsible for the attack. Condemned by the players, the hacker simply responded: “Another poker site is paying me to attack this one.” The WPN incident was what is known as a DDoS (distributed denial of service) attack, in which hackers ‘take over’ hundreds of thousands of computers and internet-enabled devices across the globe and direct them to connect with the targeted website. Once the weight of traffic reaches a critical level, the website will stall and then fail completely as its servers are overloaded. At the height of the DDoS attack against the WPN site, some 14 million devices were attempting to simultaneously connect to it. DDoS attacks are not new. Even WPN had been a victim before, suffering its first attack in December 2014, soon after announcing its first tournament with a minimum top prize of $1 million. In the light of the claims made by the alleged attacker in the latest incident, WPN believes the timing of the first attack was not coincidental. DDoS attacks have been blamed for derailing the sites of organisations ranging from global banking groups to government ministries. These hackers are typically believed to be those seeking political gain, or criminals carrying out acts of blackmail and demanding a ransom. However, in the past few months, the idea that small businesses may be paying hackers to ‘attack’ their rivals at key times has emerged as a serious concern. A survey by internet security firm Kaspersky Lab found that 43 per cent of DDoS victims believed it was more likely they had been targeted by a competitor, while only 38 per cent believed it was purely a criminal act. Speaking at a recent cyber security conference in London organised by Wired Magazine, Raj Samani, chief scientist at anti-virus company McAfee, displayed screenshots taken from an online conversation between one of his undercover researchers and a member of a hacking group responsible for a ransomware attack. “She asked why the ransom was so cheap,” said Mr Samani. “The reply she got was that they had been paid by a Fortune 500 company to disrupt the competition using ransomware. It might sound incredible, but if you think about that for a second, it makes perfect business sense. “The game has changed now and the ability to go out and disrupt your competition can be done for less than the price of a cup of coffee. If I wanted to do a DDoS attack against your business, it would cost me as little as $3 to take out your website for an hour.” Another speaker, Dr John Graham-Cumming, chief technical officer of internet security company Cloudflare, revealed there had been cases in which florists had paid hackers to carry out DDoS attacks on competitors in the run-up to Valentine’s Day in a bid to increase their business by making the site of a rival impossible to access. Security analysts say the most remarkable thing about the attack on WPN was that the company went public with the news, even offering a “substantial reward” for an