Next time you’re tempted to fret about the security issues your company is facing, pause a moment to reflect on those poor IT execs in the online gaming business.
“We have a lot of people trying to hack into our Web sites,” said BetCorp CTO Roy Bernhard. “They haven’t been able to get in, so they implement Denial of Service attacks. They’ll take you down for an hour and you’ll get an email afterwards saying, ‘We’ve just proved we can take down your site. Western Union $100,000 to this address by noon tomorrow or we’ll take you down during the Super Bowl. Wonderful!”
Of course, being in the online gaming business, you can’t pick up the phone and call in Scotland Yard or the RCMP. So in BetCorp’s case, they get the equivalent of the RCMP in Antigua involved. But at the end of the day, if their site goes down, there’s little they can do.
Bernhard said that when they started to run into the problem, the company’s data centres were secure and they could ignore the threats. But then the hackers began infecting more and more computers, and taking up more and more bandwidth. Eventually they sent enough traffic to clog Antigua’s 100 meg pipe, bringing down every company in the country. To make matters worse, the gaming companies soon had to deal with a rash of copycat hackers, and some firms began paying them off, which only fuelled the threats.
“What happened,” recalled Bernhard, “was that there was a year of insanity. People were paying, and copycat threats kept coming in. It was wild!”
Finally several gaming companies pooled their resources and ended up agreeing to pay for a company to manage and filter their Internet traffic. This company created a data centre in the US which has tons of bandwidth. A number of gaming companies redirected their Web sites through that data centre, which was easily able to handle the D-DOS attacks.
Of course the scams don’t end there. Fraud rings pore over gaming sites, looking for flaws, and if the mathematics aren’t right with bonuses, for example, the company can be bankrupt in a week.
“We had a group of people from Asia hit us with hordes of fake credit cards,” said Bernhard. They’d deposit money using the fake cards and then try to withdraw it.
Big wins at BetCorp’s online casino have to be investigated to make sure the clients were playing legitimately. “There have been countless times when I’ve looked through chunks of data, trying to see if there’s a pattern that someone has found in our system,” said Bernhard.
Now don’t your security problems sound just a little bit smaller?