DRAFTKINGS ON DEFENSE
Company hit by cyberattack ahead of NFL season kickoff
Days after DraftKings launched its much-awaited sports betting service in New Jersey, the company fell victim to a cyberattack that brought down its servers, according to court documents and the company.
“The Attack occurred because Defendants intentionally sent thousands of packets of information or commands to Plaintiff’s Website with the intent of damaging and negatively impacting Plaintiff and its operations,” DraftKings said in a federal court filing. “Plaintiff’s primary Website normally handles thousands of requests per second; during the Attack, Plaintiff’s Website faced a three-fold increase of requests per second.”
According to court documents, an unknown attacker launched a distributed denial of service attack just before midnight on Aug. 7, which the company fended off without losing service. The attacker tried again at about noon on Aug. 8, this time disrupting service for nearly half an hour.
“As a result of the Attack, Plaintiff’s personnel spent several days containing the Attack and mitigating further potential damage from the malicious Attack,” DraftKings said in court documents.
DraftKings has asked a judge to allow the company to conduct a discovery process with a number of companies that own the IP addresses responsible for the attack, in the hope that it can block a future attack and take action against the assailants.
In a statement, R. Stanton Dodge, DraftKings’ chief legal officer, said the company is suing to identify those responsible and protect itself in the future.
“We recently detected and immediately responded to a distributed denial of service (DDoS) attack. No confidential customer or company information was compromised,” Dodge said. “However, DraftKings takes security very seriously. This filing is a necessary step to identify the responsible parties and hold them accountable for their actions.”
DraftKings is on the precipice of its most important time of the year, with the NFL season about to begin. A company spokesman said the company would be taking legal action regardless of the time of year, but said there is a significant desire to be able to block the attacker again.
The attack came right on the heels of the company’s sports betting launch on Aug. 6. Still, it is unclear whether there is any connection. A DraftKings spokesman said the company has not received any communication from the attackers or other evidence that could hint at a motive.
Because DDoS attacks are among the simplest to execute, it is possible there was no motive other than digital vandalism, experts said.
“It could be a competitor trying to close them down, it could be people who object to gambling in general,” said Jim Waldo, professor and chief technology officer for Harvard’s John A. Paulson School of Engineering and Applied Sciences. “It could be someone who decided to attack DraftKings because they do a lot of advertising.”
Late yesterday, Judge Mark L. Wolf granted DraftKings’ motion, endorsing the company’s efforts to obtain user information connected to the IP addresses. Still, the judge wrote in his order that he may reconsider if the internet companies object.
DraftKings now plans to issue subpoenas to companies that have registered the dozens of IP addresses responsible for the attack.
Waldo said it is unclear whether finding user information for those addresses will help DraftKings prevent another attack or find those responsible. Attackers often use compromised internet devices, including internet-connected cameras and smart devices, and launch attacks remotely without the owners’ knowledge.
“They’re really hard to track down,” Waldo said. “Finding out where an attack came from is not the same as finding out who attacked you.”