Denial-of-service extortion threat for online bookies

Internet-based bookmakers are tightening up their IT security in response to the threat of hackers who are threatening to attack their web operations.

Criminal gangs are understood to be demanding large sums of money from bookmakers, and warning those that don't pay up that their internet sites will be taken offline through a distributed denial-of-service (DDoS) attack.

Internet businesses have been facing such threats for some time, but reports this week claim that British online bookmakers are coming under renewed pressure ahead of major sporting events, including the Grand National.

This comes just weeks after organised crime gangs were said to be threatening internet betting sites ahead of American football's Super Bowl.

Betfair, an online betting exchange, acknowledged on Monday that the risk of malicious hackers attempting to extort money from web-based businesses is genuine.

"We're fully aware of the issue facing our industry, and we're already taking every measure necessary to protect our business," a Betfair spokesman told silicon.com's sister site ZDNet UK, adding that he wasn't aware if Betfair had received any specific blackmail threats in this way.

Betfair is reluctant to discuss the steps it has taken to bolster its IT security, but did say that protection from DDoS attacks is a top priority.

DDoS attacks are used maliciously to force web servers offline by flooding them with data traffic. Analysts estimate that the online betting market is worth over £3bn per year. For a company such as Betfair, several hours of downtime would be extremely expensive - especially if it coincided with an event such as the Grand National, which attracts more than £100m in bets.

Britain's National High-Tech Crime Unit (NHTCU) revealed last month that it is investigating a series of attacks and threats of attacks on companies in the UK. It said these had been made by organised criminals, rather than amateur hackers.

A source at the NHTCU pointed out on Monday that while bookmakers might be under the spotlight now, web-based extortion is a generic high-tech crime that has been a problem for some time.

Earlier this month, an Australian web hosting firm saw its network brought down by a DDoS attack, while Microsoft and the Recording Industry Association of America are under threat from a variation of the MyDoom worm that aims to bombard their networks with masses of data.

Graeme Wearden writes for ZDNet UK