DDOS Attack Forces WPN to Cancel $1M Online Poker Tourney

The Winning Poker Network, home of America’s Cardroom and other online poker sites, continues to deal with community reaction in the wake of the forced cancellation of its first-ever $1 million guarantee online poker tournament on Sunday after an ongoing DDOS attack launched against the network’s servers caused severe lags and ongoing service outages for many of the tournament’s players.

The WPN has already announced full refunds for all participants, in accordance with network policy.  The million-dollar tourney was cancelled after nearly five and a half hours of play and with only 45 minutes of late-registration time remaining, but appeared to have been on pace to surpass its guarantee.

Participants who still remained in the event at the time the cancellation decision was made were greeted with the following on-screen notification:

“Due to circumstances out of our control, we have been unable to provide a stable fair gaming experience,” said a message that appeared on the screens of players in the tournament at the time of the cancellation. “Many players timed out, while other remained connected. As per our terms and conditions, the tournament will be canceled and buy-ins and fees refunded to all participants.”

Some of the players who remained in the field bemoaned the loss of potential value, since well over half of the tournament’s 1,937 players had already been eliminated at the time the event was cancelled.  Nonetheless, the network’s rules were designed to cover such extreme situations as this cancellation, so it is unlikely that the network will massively distribute extra compensation to affected players.

WPN CEO Phil Payton himself appears to have been the executive who ordered the tournament cancelled.  Payton subsequently published a brief statement of Twitch.tv in which he acknowledged the attacks against WPN.  As Payton said, “Whoever was causing the Internet disconnections was waiting for the million [-guarantee tourney]. The second that it started, it [the attack] started.”

The Winning Poker Network has experienced similar attacks in recent months, as have other online-poker sites.  Industry conjecture suggests that a new wave of possibly extortion-based attacks launched against online gambling sites and networks may have begun, with WPN not being the only network to suffer an attack or other unspecified “technical problems” during a marquee event.

Two notable examples occurring this year are the DDOS attacks launched against the Australia-based Merge Network and the US-based PartyPokerNJ site.  Merge’s difficulties came largely during its flagship site Carbon Poker’s Online Poker Series, and in the latter episode, PartyPokerNJ.com was forced to cancel the main event of its brand new Garden State Super Series.

Return of the DDOS: What’s Very Old is New Again

The timing of the attacks and service outages and the various and often contradictory statements offered by executives of the affected networks suggest that a new wave of extortion demands targeting online gambling sites is the likeliest explanation.  An alternate theory floated in some discussion boards and in a couple of off-the-wall articles holds that a political statement of some sort, perhaps by opponents of online poker, is also a possibility.

After all, two well-publicized attacks against online corporations have been in the news in recent weeks, and both of those have been politically motivated.  Sheldon Adelson’s Las Vegas Sands Corporation may have suffered $40 million in losses after an extended series of attacks believed to have been launched by Iranian militants, in response to Adelson’s warmongering, pro-Israel statements.  More recently, Sony Corporation has come under a massive attack widely alleged to have been launched by agents of the North Korean government, as a form of punishment against Sony for its upcoming release of the comedy farce “The Interview,” which involves a make-believe plot to assassinate the North Korean head of state.

However, news writers proposing that viewpoint ignore the fact that extortion-based DDOS (Distributed Denial Of Service) attacks have been used as an extortion tool against the online-gambling industry for at least a dozen years.  Most established online networks have already faced such extortion threats on multiple occasions during their existence.  The timing of these latest attacks, often during the networks’ largest events, infer a timing pattern consistent with previous online shakedowns.

Perhaps no better feature on the hidden story of online gambling’s battle against cyber-extortionists exists than this story from 2005 at CSO Online, detailing the struggle of Costa Rica-based BetCris.com and its CEO, Mickey Richardson, to stay online in the face of ongoing extortion demands and attacks against his site.

Richardson and BetCris eventually beat back the threat, which saw his site attacked in a series of DDOS attacks launched via a zombie network of tens of thousands of hijacked computers.  Those attacks were part of a series that targeted large swaths of the online-gambling industry a decade ago, and which were eventually traced in large part to a large ring of Russian cyber-criminals, perhaps operating in concert with the online-crime group that later became known as the Russian Business Network.

Back then, in the 2003-05 period, the sites targeted for an online shakedown per the CSO feature already included CanBet, Bodog, BetWWTS, WagerWeb, William Hill, BetFair and Blue Square. Dozens of other sites were similarly targeted — and paid — but did not publicly acknowledge the shakedowns.  Some time after the BetCris saga, the original Full Tilt Poker was targeted in a similar manner.

Yet these things, historically, have run in cycles: The cyber-criminals continually enhance their attacks, and the networks and online businesses enhance their defenses, finding new ways to combat the typical DDOS attacks, which these days typically involves many Gb of bogus data flooding the targeted domains.

Whether actual attacks and extortion attempts are on the rise may or may not be a matter of perception, as industry-security specialists regular report that such attacks across all of e-commerce are remarkable frequent.  One thing that might account for something of a compounding factor, if such attacks are actually on the increase, is the use of online cyber-currencies such as BitCoin (BTC) as a means of extracting untraceable payments from the victims of such attacks.

Back in 2003, early in the era of the BetCris attacks, other extortionists demanded payment via eGold a rudimentary investment and transfer medium.  Modern virtual currencies offer such criminal elements added cover, and the anonymity associated with them is something of a Damocles’ Sword, with both very good and very bad possibilities involved.

The DDOS attacks against WPN, sadly, aren’t the first, nor are they likely to be the last.  Such cyberattacks are unfortunately a cost of doing business in the modern online era, and in one form or another, they’re likely here to stay.