William Hill Knocked Offline in Suspected Mirai Attack

Posted on: November 3, 2016, 03:00h. 

Last updated on: November 3, 2016, 09:00h.

William Hill hit by cyber attack
The Mirai botnet may have been used to overwhelm William Hill’s systems in the lead up to this week’s Champions League soccer matches. (Image: Shutterstock)

William Hill’s website crashed under the strain of a DDoS attack on Tuesday evening.

The cyberattack was described as “sophisticated” by the bookmaker, prompting speculation that it was the work of the Mirai botnet.

Mirai is the mother of all DDoS viruses and recently took out a large portion of the internet when it targeted the servers of tech company Dyn, which controls much of the internet’s DNS infrastructure.

Dyn said it was the most powerful DDoS attack ever recorded, and resulted in everything from Twitter, to Netflix, to the CNN website being knocked offline.

DDoS (distributed denial of service) attacks overwhelm a company’s website with thousands of meaningless requests for information, temporarily paralyzing it until, typically, a ransom is paid or the site’s technicians or web-hosting company are able to fend off the threat.

Champions League Betting Disrupted

Mirai, which first surfaced in mid-September, is more potent than those that preceded it because it is able to harness the power of thousands of Internet of Things (IoT) devices, focusing them on a central server (botnet) to boost the power of an attack. The source of the code was posted publicly online on a hackers’ forum in early October.  

“Someone has a botnet with capabilities we haven’t seen before,” said a senior security advocate at Akamai, in the wake of the first ever Mirai attack. “We looked at the traffic coming from the attacking systems, and they weren’t just from one region of the world or from a small subset of networks, they were everywhere.”

The online gambling industry, and online sports books, in particular, have long been targets of cyber attackers. Their reliance on large sporting events for a chunk of their profits make them easy targets of extortion.

Sure enough, the attacks on the William Hill website appeared to be timed to coincide with the mid-week UEFA Champions League soccer matches taking place in Europe.

Battling the Botnet

“The online services of William Hill were intermittently impacted during the course of yesterday following distributed denial of service (DDoS) activity by third parties,” said a spokesman for the bookmaker during the outage.

“This follows a significant increase in DDoS activity experienced by a number of online companies over recent weeks. While the attempt at disruption is ongoing our technical teams were able to restore services last night. We apologize for any inconvenience caused to our customers.”

News site The Register speculated that the 24-hour disruption could have cost William Hill $4.4 million, based on their H1 revenue of £814 million, although since online only accounts for around 33 percent of the company’s revenues, the real figure is likely to be much less.