What makes the online gambling sector so appealing to DDoS attackers and how can the sector protect itself?
Philippe Alcoy, APAC security technologist for NETSCOUT, shares his thoughts on what makes the igaming industry so appealing to cybercriminals and what methods the sector can use in order to protect itself from DDoS attackers
Very few industries have not been affected by the Covid-19 pandemic, with the hospitality, retail and travel sectors among the hardest-hit industries. Nevertheless, one industry which has seen a surge in growth since the start of the pandemic is online gambling. Many experts have suggested that the businesses of online gambling websites have increased significantly in the past year, particularly during periods of lockdown. Unsurprisingly, most gamblers have opted for online betting due to the closure of brick-and-mortar gambling venues, resulting in the virtual betting industry growing by around 90%. However, the growth of the sector has made it a primary target for cybercriminals, particularly DDoS attackers.
Why is the gambling sector being targeted?
Distributed Denial of Service (DDoS) attacks can be defined as attempts to exhaust the resources available to a network, application or service so that genuine users cannot gain access.
There are numerous factors which make the gambling sector so appealing to DDoS attackers. One of these is the fact that online gambling websites are susceptible to latency. These latency issues are largely a result of over half of all the activities on online gambling sites being conducted in real time, meaning that a half-second delay on a gambling website will make it unusable. As it is easy to predict when these sites will be at their peak when it comes to visitor numbers – mostly over weekends or during popular sporting events – this has made them an easy and appealing target for DDoS attackers.
In addition to this, the emotionally engaging nature of online betting also makes the sector a target for DDoS attackers – an issue which has been exacerbated by the pandemic. Limited options for home entertainment during periods of lockdown have led people to spend more time on betting websites, and the economic climate has made people even more eager to win money.
Over the last decade, the online gaming and gambling industry has continued to grow in size and is now worth over £40bn – triple its value of 10 years ago. Unlike many other industries, the online gambling sector has continued to grow since the Covid-19 pandemic, making it an obvious target for cybercriminals.
What can it do to protect itself?
Perhaps the best way for online gambling organisations to protect themselves from DDoS attacks is to collaborate with one another. By doing this, they can combat the threat posed by DDoS attacks through a combination of knowledge exchange and sharing best security practices.
It is also vital that gambling platforms have strong and effective DDoS countermeasures in place to enable them to protect their public-facing infrastructure before an attack ends up taking place. This will provide both the organisations and its users with peace of mind should they be targeted by cybercriminals, as they’re aware that an effective system is in place that is capable of blocking attacks.
Additionally, as IT teams in gambling companies continue to develop the infrastructure required to meet the needs of its users, assuring delivery of the top-quality and secure environment, which users have come to expect from gambling platforms, is a must. As new customers are added, growing the monitoring network with the actual gambling network can be done incrementally and is a straightforward and cost-effective process. The teams can then focus on making sure the network is secure and can see any unusual activity to prevent attacks of all kinds, including DDoS.
As the online gaming and gambling industries continue to grow and expand, the threat posed by DDoS attacks grows larger and larger. With it becoming increasingly easy for cybercriminals to launch DDoS attacks, it is vital that online gambling organisations ensure that they have effective DDoS mitigation measures in place. If the issue is not dealt with, the online gambling sector stands to lose millions of pounds every year.
Philippe Alcoy currently serves as APAC security technologist for NETSCOUT, where he works across the research, strategy and presales of DDoS threat detection, investigation and mitigation solutions for service providers and enterprises in the Asia Pacific region.
Alcoy has more than 20 years of experience in the IT security risk and compliance industry. Prior to joining NETSCOUT, he spent more than 15 years in technical leadership, consulting and management roles for vulnerability scanning, penetration-testing and compliance-monitoring vendors in Europe and Asia. He was born in a little town south of Lyon, France and began his technology career enjoying reverse-engineering games on his Oric Atmos computer and then partaking in the demo scene with his Amiga 500.