Reports are coming in on the 2+2 forums that Merge Gaming and the Winning Poker Network (WPN) — two US-facing online poker networks — were hacked on Tuesday evening and were taken off-line for a short period of time.
The attack was so severe that it forced Merge Gaming to cease running its regular tournament schedule for approximately two hours.
Hack Announced on 2+2 Prior to Occurring
Merge specifically seems to have been announced as a target in advance by 2+2 user “Disrespect=D/C,” who posted this a few hours before the attack:
“Protect your players Merge! In exacly 5 hours Merge will be going down forever until they have fixed their Security! Everybody should withdraw their money!”
It is unknown what additional steps, if any, were taken by the Merge security team to protect players on the site following the statement.
The post has now been deleted by 2+2 moderators.
Online Poker Sites in the Cross-hairs
This is another in a long string of hacks directed at online poker sites in both the United States and abroad.
WPN was forced to cancel a major $1,000,000 scheduled tournament just this past weekend after persistent DDOS attacks made it impossible for players to maintain stable connections and compromised the integrity of the event.
Afterwards, a clearly frustrated CEO of the network, Phil Payton, had this to say in a live stream on Twitch.tv:
“Call it a conspiracy, call it what you want, a lot of online poker sites have had Internet connectivity issues.”
Merge also faced sharp criticism from players at the end of last month when a server crash granted third-parties access to player accounts and caused hole cards to change mid-hand during the slate of major Sunday tournaments.
In addition to the US facing sites, Sweden’s nationally regulated site — “Svenska Spel” — has also been the victim of crippling attacks. It too has been disrupted to the point of having to cancel several high-profile tournaments with large guaranteed prize pools.
Is There a Pattern Here?
Whomever is behind the recent attacks is very good at what they do. This raises the question of why a skilled hacker would want to waste his/her time causing problems for online poker sites?
It’s a question that doesn’t have an obvious answer. However, there does seem to be a very loose pattern that may point to where the motivations of the people responsible lie.
For starters, Svenska Spel is owned by Sweden and currently enjoys a monopoly position in the Swedish market thanks to government legislation forbidding the issuance of licenses to private actors. This policy has actually caught the attention of the European Union (EU), and the country is due to be hauled before the European Court of Justice to defend itself against accusations of violating the EU principle of free-markets.
It is known that hacking conglomerates such as “Anonymous” tend to look down on government control of Internet activities, as well as increases in the concentration of state power, generally. So, it is not implausible that the attacks are actually somewhat political in nature.
Looking over to Merge Gaming, the site has constantly endured withering criticism that its security measures are not up to the task of keeping players safe. For a group of Internet hackers, this may be something akin to a moth being drawn to a flame.
Take these two things and throw a bucket of money into the mix, and it’s less astonishing that there has been so much trouble recently.
I’m just thinking out loud here, but it seems as though the closest thing to a common thread is hackers looking to make a high profile statement about an issue that is on their radar (everybody likes a crowd, after all, even anonymous hackers).
It’s a Matter of Trust
The most important issue for any online gambling site is trust. Sites must be able create trust that the game is fair, and trust that money and personal information is safe. These attacks are beginning to cast an increasing shadow over the confidence that players can have in the online version of the game.
Not to mention that no one wants to be playing on a site where they have no confidence that the tournaments being run will play down to their conclusions. Nothing is quite as soul crushing as making a deep run in a tournament, only to have it cancelled on you. As 2+2 poster Wonecks said following the crash tonight:
“Was chipleader in the $33 early bird with 9 left. So gross.”
Sites will need to seriously consider how many times things like this can occur before people decide it is no longer worth the trouble to play online.
It remains to be seen if the seemingly premeditated nature of this attack — and the grandstanding beforehand — is an isolated event or will become the new norm.
However, given how quickly sites have been forgiven so far in markets where the player base has no other option for play — whether due to government monopoly or government prohibition — it seems unlikely that the serious investment required to ensure game security will be forthcoming anytime soon.