Anyone who plays online poker should be aware that hackers have Internet gambling and poker sites in mind when planning distributed denial-of-service (DDoS) attacks. In fact, the crimes often aim to cripple online gaming sites of any kind, from Internet poker operators to games like Minecraft and systems like PlayStation and Xbox.
What is DDoS?
The simplest way to define a distributed denial-of-service attack is as an interruption of services via the Internet on a group of IP addresses. When an online poker site is attacked, all IP addresses registered to that particular operator are assaulted at once, stopping any action and sometimes even with the intent to steal the customers’ information. Any information that a player has provided to that online poker company – email address, phone number, bank account details – is at risk of being stolen as a result of the hack.
According to a recent report from Akamai Technologies, DDoS attacks have increased significantly in recent years. As for the third quarter of 2015, gaming companies fell victim to 25% of all DDoS attacks and has become the most targeted industry in the world. Overall attacks in that third quarter amounted to more than 1,500 and marked a 180% increase from the same quarter in 2014.
It is unclearwhy the gaming industry is targeted so much more frequently now by cybercriminals, but any online gaming platform is at more risk today than ever before. Many gaming sites do not have enough securities in place to prevent such attacks, and a hacker can gain access to numerous player bank accounts through one DDoS attack.
Online Poker in Danger
The most prominent attack in the online poker world in 2015 was targeted at WPN (Winning Poker Network), specifically during special tournaments. A DDoS attack hit the Million Dollar Sunday on WPN sites like Americas Cardroom in December of 2014, which prompted the cancellation of the event. It happened again in early September 2015, though a better security system enabled the tournament to continue despite the interruption. Even so, the criminal activity kept many players from registering for the tournament with its $1 million guarantee, prompting WPN to offer an overlay that cost it $225,500.
We are currently experiencing massive Denial of Service Attacks. Our DDOS mitigation team is doing a great job of controlling the issue.— Americas Cardroom (@ACR_POKER) September 13, 2015
At the time, WPN CEO Phil Nagy noted that it was “all about how well you mitigate and manage the attack.” He told Poker Industry PRO, “It’s not a question of confidence. DDoS has recently impacted online businesses everywhere, including Sony, Microsoft, and even governments. DDoS does not seem to be going away anytime soon.”
WPN wasn’t alone, though. PartyPoker was also victimized by cybercriminals in August, as were all of the New Jersey online gaming sites in July. PokerStars and other companies have been affected in the past year as well. Some in the industry have speculated that poker players are the perpetrators of some attacks, but there have been no criminal inquiries to indicate that is the case.
And just as companies can be affected, poker players can as well. By sharing private information through email or messaging services like Skype, hackers can find ways to gain access to that network and steal personal information.
How to Protect Information
On a company-wide level, online poker companies are increasing their security levels consistently to try to stay ahead of the problem. Some are moving their servers to the cloud, and others are intensifying firewall protections. Those who have been victims of DDoS attacks have investigated and covered those particular leaks, and their tech departments are working to anticipate future attacks and prevent them.
Players can do several things to protect themselves and their private information. One of the most obvious is to change passwords regularly and make them complicated. This may seem like obvious advice, but most online users do not take the time to do it. Each site accessed should have a different user name and password, and the latter should be changed once a month, if possible.
Another tip is to refrain from sending personal information via Skype, as a well-known flaw in the messenger’s security system can be hacked to reveal the user’s IP address.
Players should also make sure to keep their operating systems updated, as well as to use top-notch antivirus software and keep that updated, too. Many players try to save money by installing gaming software on the cheap from various sources, and cutting that corner can put the players at risk for easy hacking as the software may be infected and then passed on.
Finally, for those who play online poker, contact the online poker sites with which accounts are active. Reputable sites should be able to immediately provide information as to the protections implemented to prevent DDoS attacks and policies in place to protect players if attacks do happen. If a site does not have that information or is not willing to provide it, it should be considered unsafe.