DDoS Attack Staggers William Hill Online Services

Leading European bookmaker William Hill has acknowledged that extended downtime for its online service portals is the direct result of a sustained DDoS (Distributed Denial of Service) attack.  The ongoing attacks began on Tuesday and have resulted in intermittent outages for several of William Hill’s platforms and services, though the company has directed customers to use its relatively interference-free mobile app as its battles to restore full operations continue.

Online gambling operators are one of the most frequent targets of such DDoS attacks, often with extortion in mind, and also as often occurring just prior to major sports betting events.  Whether or not this attack is of a similar vein has not yet been confirmed by William Hill spokesmen.

Last night, the company offered a brief statement to assure its customers that the battle to restore full operations was continuing:

“The online services of William Hill were intermittently impacted during the course of yesterday following distributed denial of service (DDoS) activity by third parties.

“This follows a significant increase in DDoS activity experienced by a number of online companies over recent weeks.

“While the attempt at disruption is ongoing our technical teams were able to restore services last night. We apologise for any inconvenience caused to our customers.”

Unfortunately, the full “restore” declared by William Hill seems to have been only temporary, as consumers have continued to report connectivity issues.  Independent net-security monitors also verified that multple William Hill-owned domains continued to be under occasional attack.  The reports also linked indicated that the DDoS attacks were likely due to botnets commanded by the Mirai virus, similar to an attack that floored domain name service [DNS] provider Dyn a couple of weeks back.

Subsequent to the Dyn attack, security researchers declared that the robust Mirai-based attacks may have “enlisted” as many as 100,000 Internet-connected devices via virus-laden software.  Then, using the commandeered botnet, the unknown attacker(s) launched a flood of data that peaked at over a terabyte of data per second at Dyn, flooding its connectivity capabilities.  It is as yet publicly unknown whether William Hill has faced an attack of that scope.  Attacks in general have surged since the Mirai source code was publicly released on an underground hacker’s forum in late October.

William Hill’s social-media outlets offered a more personal take on the company’s battles, even as the attacks continued.  Some sample Tweets:

 

We apologise as our site is still down. We appreciate this isn’t ideal but we’re working hard on a fix. Thanks for your patience.

— William Hill Betting (@WillHillBet) November 1, 2016

 

It’s been a long night. We’ve got some services back but we’re still not at 100%.

Thanks for patiently letting us get back on our feet.

— William Hill Betting (@WillHillBet) November 2, 2016

 

We’re calling it a day but we know it’s not been our best. Techies will be working through the night & Live Chat will answer your queries pic.twitter.com/uXd51f6Z5P

— William Hill Help (@WillHillHelp) November 2, 2016

William Hill appears to be expecting the situation to be handled as the week progresses and as the weekend’s busy betting slate approaches.  We’ll update in the event the company’s battle against the DDoS attacks takes an unusual twist.