Russian Organized Crime Accused of Sportsbook Cyber-Extortion
InfoPowa
September 26th, 2003
RUSSIANS ACCUSED
Sportsbooks denial of service extortion by Russian organised crime
Major talking point in sportsbook circles this week was a series of "denial of service" attacks that took several operations offline...and so far unsubstantiated allegations of extortion by shadowy Russian organisations.
The events held echoes of similar attempts to extort money from operators last year, when after a time the story seemed to fade away, perhaps on payment to the extortionists.
This time around Hollywood Sportsbook, Pinnacle, BetWWTS, Rio and BcBets were among those targeted. Emails sent by the perpetrators of the DOS attacks from a Yahoo email address titled "Weekend Attackers" showed a particularly vindictive, threatening posture as demands for $30 000 to $40 000 dollars were made to cease the attacks, attempting to play one operator off against another in the intimidation stakes. It is not known which, if any operators paid up.
Experts opined that there are only limited precautions that can be taken to prevent such an attack, which involves bombarding the target servers with such volumes that they cannot handle the overload. One way is to conceal a website's IP number in addition to providing immediate redundancy. Another is for originating ISPs to apply a patch that prevents spoofing from taking place.
Players at the affected operations need not fear that their personal information such as credit card numbers might be obtained by the invaders, as DoS attacks do not involve system hacking per se.
It is the business itself that suffers as a result of down time and few Sports books attacked thus far have escaped unscathed. Among the recent targets, BoDog was hit, though it was able to overcome the attack almost immediately.
The attacks follow a spate of similar blackmail scams seen by security consultants in recent months, according to Neil Barrett, technical director at security firm Information Risk Management.
A target site is initially brought down with a short DoS attack lasting up to 15 minutes. Contact is then made with the company followed by another DoS attack and then demands for money.
Ultimately the scam is just a hi-tech version of the tried and tested protection rackets used by Mafia gangs and organised criminals for years, he said.
Companies should involve the police as early as possible in an attempt to identify the criminals by following the money once it has been paid.
Leads have indicated that the Russian Mafia is behind the scam, said Barrett. "The money and communications are often routed through St Petersburg but whether that is the start point or mid-point I don't know. But evidence points to it being run by Russian organised crime," he said.
InfoPowa
September 26th, 2003
RUSSIANS ACCUSED
Sportsbooks denial of service extortion by Russian organised crime
Major talking point in sportsbook circles this week was a series of "denial of service" attacks that took several operations offline...and so far unsubstantiated allegations of extortion by shadowy Russian organisations.
The events held echoes of similar attempts to extort money from operators last year, when after a time the story seemed to fade away, perhaps on payment to the extortionists.
This time around Hollywood Sportsbook, Pinnacle, BetWWTS, Rio and BcBets were among those targeted. Emails sent by the perpetrators of the DOS attacks from a Yahoo email address titled "Weekend Attackers" showed a particularly vindictive, threatening posture as demands for $30 000 to $40 000 dollars were made to cease the attacks, attempting to play one operator off against another in the intimidation stakes. It is not known which, if any operators paid up.
Experts opined that there are only limited precautions that can be taken to prevent such an attack, which involves bombarding the target servers with such volumes that they cannot handle the overload. One way is to conceal a website's IP number in addition to providing immediate redundancy. Another is for originating ISPs to apply a patch that prevents spoofing from taking place.
Players at the affected operations need not fear that their personal information such as credit card numbers might be obtained by the invaders, as DoS attacks do not involve system hacking per se.
It is the business itself that suffers as a result of down time and few Sports books attacked thus far have escaped unscathed. Among the recent targets, BoDog was hit, though it was able to overcome the attack almost immediately.
The attacks follow a spate of similar blackmail scams seen by security consultants in recent months, according to Neil Barrett, technical director at security firm Information Risk Management.
A target site is initially brought down with a short DoS attack lasting up to 15 minutes. Contact is then made with the company followed by another DoS attack and then demands for money.
Ultimately the scam is just a hi-tech version of the tried and tested protection rackets used by Mafia gangs and organised criminals for years, he said.
Companies should involve the police as early as possible in an attempt to identify the criminals by following the money once it has been paid.
Leads have indicated that the Russian Mafia is behind the scam, said Barrett. "The money and communications are often routed through St Petersburg but whether that is the start point or mid-point I don't know. But evidence points to it being run by Russian organised crime," he said.