New Jersey online casinos, first launched in late 2013, suffered their first successful Denial of Service Attack (DDoS) last Thursday, and while state officials aren’t publicly saying who the prime suspect is, they did confirm a person of interest has been identified.
DDoS attacks flood websites with data requests using a network of infected computers, with a Trojan virus overwhelming the targeted website and network to the point of failure.
David Rebuck, director of the New Jersey Gaming Enforcement (DGE), said the cyber attack inhibited four undisclosed Garden State online casinos and poker rooms for roughly 30 minutes.
In addition to interrupting play, the hacker reportedly demanded a ransom be paid using the decentralized cryptocurrency Bitcoin to prevent additional, more serious attacks. That ransom, of course, went unfilled by DGE personnel.
Rebuck revealed the hacker’s threat involved a more powerful and sustained attack should his ransom be unmet, but the DGE top official says his team worked swiftly to mitigate the breach. “This follow-up attack had the potential to not only negatively impact the targeted casinos, but also all business in Atlantic City,” he told reporters.
Since the United States has a long history of refusing to negotiate with both terrorists and Internet criminals, it was expected the DGE and several other state and federal agencies involved wouldn’t pay the ransom. Though the threat was credible as it was directly related to the DDoS assault, investigators made the call and it turned out to be a winning hand.
“All involved remain on heightened alert but are relieved that the holiday weekend has passed without incident,” Rebuck said.
One of the most notorious and active DDoS extortionist groups in 2015 remains the DDoS for Bitcoin (DD4BC), a criminal faction that has attacked financial institutions around the world including in the United States.
In May, DD4BC demanded 25 Bitcoins, worth $6,700 according to the latest exchange rates, from government organizations in New Zealand, Switzerland, and Australia. In the majority of DD4BC actions, a smaller strike is threatened with a larger, more damaging attack pending.
The DGE declined to comment on whether DD4BC is involved, though the scheme certainly follows the group’s typical patterns. If it’s not the group itself, it appears they have an imposter.
More Hackers, More Problems
Bitcoin, once thought to be the currency of the future and valued at more than $1,000 per unit, has since become the currency of criminals over the last several years, plummeting in value to below $300 as countries take steps to regulate or outlaw its use.
The currency has given the black market an untraceable way to collect and exchange funds, with Internet hackers now armed with the ability to demand payments for their actions.
It’s a continued and growing problem facing online marketplaces, and that is especially true for iGambling.
Advocates of legalized online poker say it’s just one of the many reasons a regulated Internet gaming market is a necessity.
Providing player protections and action recourses in the event of theft or security compromises is typically unfounded at offshore networks.