Ireland’s National Lottery has become the latest gambling operator to be hit with a distributed denial of service (DDoS) attack.
While nowhere near the recent $1.6b Powerball jackpot in the US, Wednesday’s €12m prize was the biggest the Irish Lottery had offered in 18 months. But unknown hackers knocked the Lottery’s website offline for two hours on the day of the draw.
Interestingly, the attack not only affected the website, but also lottery terminals in retail locations. The attack began at roughly 11:20am on Wednesday but retail systems were back in operation within 90 minutes while the website took about a half hour longer to restore. That night’s draw went ahead as scheduled.
Premier Lotteries Ireland (PLI), which operates the National Lottery, issued a statement saying the attack had been blunted by the company’s anti-DDoS systems, “limiting disruption and restoring all operations within two hours.” PLI stressed that “at no point was the National Lottery gaming system or player data affected.”
PLI didn’t specify whether it had received a ransom demand, the kind that online sportsbooks and other gambling sites receive when under DDoS attack. Sportsbooks are usually hit prior to major sporting events, i.e. when demand for their services is highest and every minute’s delay is costing the site money. The Lottery attack fits this pattern, given the size of Wednesday’s jackpot.
PLI said the incident is still under investigation. There were no winners for Wednesday’s jackpot, so the Lottery is likely bracing for a repeat occurrence during the run-up to Saturday’s €14m draw. Visiting the site on Friday showed the site was using the CloudFlare DDoS mitigation service to prescreen visitor’s computers for signs of malicious intent.
Earlier this month, Europol arrested two key members of a notorious Bitcoin-based DDoS extortion group based in Bosnia and Herzegovina. However, the latest Security State of the Internet report from Akamai showed that the UK was the top originating country for DDoS attack traffic in Q3 2015.
According to Akamai, the UK was the source of 25.6% of all DDoS attacks in Q3, beating out China’s 20.7%. The UK was third on the originating country list in Q2 and wasn’t even in the top-10 in 2014, so something has clearly gone rotten in England.