back to article Bookmakers William Hill under siege from DDoS internet flood

William Hill is currently on the receiving end of a Distributed Denial of Service attack. Many of the bookie's sites went down on Tuesday and have remained unable to provide much better than intermittent service into Wednesday due to an ongoing cyberattack. We apologise as our site is still down. We appreciate this isn't …

  1. imcdnzl

    DarkTrace protects against internal threats so pointless to imply it was failing. DDoS comes externally and needs to be deal with upstream. I'm guessing William Hill didn't do practice runs with their upstream providers which you really need to do from my past experience... Or they may not have even paid for DDoS protection.

    1. Alexander J. Martin

      From the brochure

      > The online gambling industry faces an increasing risk posed by cyber-attackers, dominated by distributed denial of service (DDoS) attacks...

      And later

      > Having full visibility of all digital interactions enables it to identify early signs of suspicious activity, regardless of whether they originate from within, or the outside, or if the threat had never been seen before

      I think it's a fair inference when Darktrace mentions that is protecting William Hill, and that it recognises DDoS attacks as a dominant risk that William Hill faces, that it is protecting William Hill from such attacks, no?

    2. xutch

      external they use akamai

  2. Anonymous Coward
    Anonymous Coward

    Fancy placing a bet...

    on who gets hit next?

  3. Anonymous Coward
    Anonymous Coward

    Are the hackers.....

    A )Russians

    B) Chinese

    C) Other Eastern European

    D) Brits

    Place your bets now !

    Betting ends

    Banzai !

    https://www.youtube.com/watch?v=xnoOWci1pTE

    1. Zot

      D) Yanks.

      FTFY

      1. Anonymous Coward
        Anonymous Coward

        Yanks, deffo,

        Probably motivated by the amount of money being bet on Trump in the last couple of days.

        1. Anonymous Coward
          Anonymous Coward

          >Yanks, deffo,

          All wong, Cheekie Chappie set trick question so all bet lose and house win.

          It was Quakers

          Banzai !

  4. eriksolo

    core tech is like a baby putting things in its mouth

    "Darktrace is the only cyber defense technology that is capable of detecting anomalous behaviors, without any prior knowledge of what it is looking for."

    OK. I guess if I wanted to attack a Darktrace protected site I would send a bunch of kermit and gopher requests to their ip blocks and then try to enter modem and modbus commands via telnet into ports 443. That would cause it to focus on anomalous behavior that it had no prior knowledge.

    Then I would pay some skids $200.00 to DDoS their site.

    My hacker name would then be known as C@Pta1n 0bv1ou5

  5. Apoc13

    Darktrace != DDoS protection

    As above, Darktrace does not offer DDoS protection so not sure why this is mentioned. I thought this was a tech site?

  6. sad_loser
    FAIL

    This does sound targetted

    On the Melbourne Cup, the biggest race in the Southern Hemisphere

    1. P. Lee
      Joke

      Re: This does sound targetted

      >On the Melbourne Cup, the biggest race in the Southern Hemisphere

      And you know how the Oz hates other people betting on their events...

      STATE ACTOR!

  7. Dave Pickles

    Just a DDOS?

    I'm seeing a lot of packets hitting my home web server from multiple addresses in the 141.138.130.0/24 range, which according to WHOIS belong to William Hill. They appear to be SYN packets with source port 80 and destination port 80. It's either backscatter from a DDOS or something nefarious afoot.

    1. Mike007 Bronze badge

      Re: Just a DDOS?

      The packets are using a spoofed source, your servers replies are the attack.

  8. Mike007 Bronze badge

    There is a thread about it on NANOG

    A back-of-the-envelope calculation of traffic seen at ISPs comes out as this being quite a massive attack.

  9. Only me!

    Big picture

    If something like this goes down. You have to ask why and the motivation for doing such a thing.

    It costs money to knock it out.

    1. Political/state sponsor? (Make x country look bad, because we can)

    2. Who gets to gain most? (mmm...other betting sites? Someone who put a VERY large bad bet on)

    3. US gaming industry? The ones that have helped form a law where only US firms are allowed in the US, but they can go where they want.

    4. PFY? - Just trying to make the coffee

    5. BOFH? - Just because - By they way the IT budget needs to increase, because of security risks.

    1. HamsterNet

      Re: Big picture

      Its blackmail. Very common and well know against Online gambling sites, where downtime is loss of both direct profits and customers to competitors. Normally the gambling companies pay up, but sometimes the attack comes first and the ransom demand second.

      1. Anonymous Coward
        Anonymous Coward

        Re: Big picture

        That's absolute rubbish, they don't normally pay up. They invest massively in DDoS mitigation but occasionally something new like Mirai comes along and gets the better of it.

    2. BongoJoe

      Re: Big picture

      > 2. Who gets to gain most? (mmm...other betting sites? Someone who put a VERY large bad bet on)

      What you would do here is to put another very large bet on the same event thus getting the bookmaker to reduce the odds.

      The price will be reflected on the exchanges and then you can lay off the event there. And, if you do it right you can have an arbitration position where you make a profit no matter which what the outcome is.

  10. Anonymous Coward
    Anonymous Coward

    What are the odds...?

    As someone who dislikes the gambling industry, I say: meh.

    Maybe some kids might eat better this week.

    1. BongoJoe

      Re: What are the odds...?

      Maybe some kids might eat better this week.

      Not at all. Most of the people in my circle make a living from punting.

      So a DDoS would more than likely make mine eat less.

      Not all of us are whining puritantical Yanks.

  11. IT Hack

    Dev Ops

    Yeah....so how's that going Mr Hill?

  12. Anonymous Coward
    Anonymous Coward

    The DDoS attack is only doing what the government should have done. Online gambling should never have been made legal in the first place.

    1. BongoJoe

      "The DDoS attack is only doing what the government should have done. Online gambling should never have been made legal in the first place."

      You can sod right off, Mr Anonymous Coward and shove the Daily Mail up your arse whilst your'e at it. Restricting a legitimate trade because it doesn't suit your world view.

      Let's get rid of insurance web sites (you know where we risk a small stake if we're 'lucky' enough to back the event that the contents of the house catches fire), life insurance, forex and so on and so forth.

      If you can't understand probability, risk and such then perhaps you need to go to some Nanny State someplace elsewhere.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like