Days after DraftKings launched its much-awaited sports betting service in New Jersey, the corporation fell victim to some cyberattack that brought down its servers, reported by court documents and the company.
“The Attack occurred because Defendants intentionally sent countless packets of information or commands to Plaintiff’s Website when using the intent of damaging and negatively impacting Plaintiff and its operations,” DraftKings said inside of a federal court filing. “Plaintiff’s primary Website normally handles 1000s of requests per second; while in the Attack, Plaintiff’s Website faced a three-fold increase of requests per second.”
According to the court documents, an unknown attacker launched a distributed denial of service attack prior to midnight on Aug. 7, that the company fended off without losing service. The attacker tried again at about noon on Aug. 8, this occassion disrupting service for nearly an hour.
“Caused by the Attack, Plaintiff’s personnel spent a few days containing the Attack and mitigating further potential damage from the malicious Attack,” DraftKings said in the courtroom documents.
DraftKings has asked the court allowing this company to conduct a discovery process which includes a quantity of providers that own the IP addresses accountable for the attack hoping they are able to block a potential attack and get it done with the assailants.
In an argument, R. Stanton Dodge, DraftKings’ chief legal officer, said the provider is suing to determine those responsible and protect itself sometime soon.
“We recently detected and immediately replied to a distributed denial of service (DDoS) attack. No confidential customer or company information was compromised,” Dodge said. “However, DraftKings takes security seriously. This filing is often a necessary thing to identify the responsible parties and hold them to blame for their actions.”
DraftKings is on the precipice of most vital time, together with the NFL season gonna begin. The spokesman said the business might be taking a lawsuit in spite of the time, but said you will find there’s significant need to be capable to block the attacker again.
The attack came right on the heels of your company’s sports betting launch on Aug. 6. Still, its unclear whether there is any connection. A DraftKings spokesman said the provider haven’t received any communication in the attackers or some other evidence which could hint on a motive.
Because DDoS attacks are probably the simplest to operate, you’ll be able there wasn’t any motive in addition to digital vandalism, experts said.
“Even tho it’s a competitor seeking to close them down, maybe it’s people that mind gambling on the whole,” said Jim Waldo, professor and chief technology officer for Harvard’s John A. Paulson School of Engineering and Applied Sciences. “Maybe it’s one who chosen to attack DraftKings given that they start a large amount of advertising.”
Late yesterday, Judge Mark L. Wolf granted DraftKings’ motion, endorsing the company’s efforts for getting user information attached to the IP addresses. Still, the judge wrote as part of his order that they may reconsider in case the internet companies object.
DraftKings now intends to issue subpoenas to firms that have registered the lots of IP addresses answerable for the attack.
Waldo said hello is unclear whether finding user information for all addresses may help DraftKings prevent another attack or find those responsible. Attackers often use compromised internet devices, including internet-connected cameras and smart devices, and launch attacks remotely minus the owners’ knowledge.
“They’re hard to find,” Waldo said. “Knowing where panic or anxiety attack got their start in is not the similar to discovering who attacked you.”