UK-based bookmaker William Hill apologized to customers after its website was hit by a sophisticated DDoS attack that took place during the Tuesday evening hours.
The cyber attack meant that customers of the popular online bookie were unable to place bets, and it coincided with the mid-week UEFA Champions League action, including the fixture involving Arsenal and Manchester City.
It is suspected to be a botnet based on Mirai, which recently killed internet access across the web, resulting in popular websites like Twitter, the Guardian, Netflix, Reddit, CNN, and many other major sites being disrupted.
Earlier in the week, the bookmaker had revealed that it was having a few technical issues with their website. It followed this up by saying it had restored most of its services, adding that “were still not at 100%” – although the DDoS attacks were still ongoing on Wednesday.
Speaking to The Register, a William Hill spokesperson said:
“The online services of William Hill were intermittently impacted during the course of yesterday following distributed denial of service (DDoS) activity by third parties.”
William Hill said they didn’t have a timescale for when its online services would be fully restored, but was looking to resolve the issues ASAP.
“DDoS” attacks can often be intense, involving thousands of connection requests to overwhelm a website or online service with traffic in order to try and take it down.
These most recent high-powered DDoS attacks have been more potent than its predecessors because it makes it possible to leverage the massive network power of IoT devices, reporting them to a central server (botnet) for a much more forceful attack.
Online Gambling Industry A Target
The online gaming industry has for a long time been the target of cyber attacks from malicious hackers. The massive profits generated from sporting events makes them obvious targets. The disruption to William Hill’s website is expected to have cost the bookmaker roughly £4.4 million, although the exact figure is still unknown.