Last week, Boston-based DraftKings filed documents in Massachusetts federal court. The company is seeking permission to discover the identities of those responsible for a cyber attack on its website in early August.
From the court filing:
“During this time, the attack prevented legitimate DraftKings users from actively engaging with the DraftKings Website. As a result of the attack, the plaintiff’s personnel spent several days containing the attack and mitigating further potential damage from the malicious attack.”
R. Stanton Dodge, DraftKings’ chief legal officer, said the company is seeking the identity of the accused to better protect its interests going forward. He elaborated in a statement to the Boston Herald.
“We recently detected and immediately responded to a distributed denial of service (DDoS) attack,” said Dodge. “No confidential customer or company information was compromised. However, DraftKings takes security very seriously. This filing is a necessary step to identify the responsible parties and hold them accountable for their actions.”
DraftKings suffers outage from a DDoS attack
The first attack occurred just before midnight on Aug. 7. The company’s security protocols prevented the offense from affecting service.
A second distributed denial of service (DDoS) attack happened about 12 hours later on Aug. 8. This time the site received three times the average volume of requests and fell victim to the attack. It lost service for 26 minutes.
“The Attack occurred because Defendants intentionally sent thousands of packets of information or commands to the Plaintiff’s Website with the intent of damaging and negatively impacting Plaintiff and its operations. Plaintiff’s primary Website normally handles thousands of requests per second; during the Attack, Plaintiff’s Website faced a three-fold increase of requests per second.”
DraftKings seeks information from Google, Verizon and more
Following the attack, DraftKings’ security staff linked the DDoS attack to 36 different IP addresses.
DraftKings contacted the company it claims was the source of three-quarters of the attack. Buffalo-based ColoCrossing revealed the IP addresses reside with a Romanian proxy service provider, HighProxies.com. DraftKings reached out to the foreign company to no avail.
According to DraftKings, ColoCrossing requires a subpoena before it will release any more information about the potential attackers.
Most of those IP addresses are in the US. DraftKings is seeking information on seven different companies that include IPs, website hosts, and networking entities.
Soon after the filing, Judge Mark L. Wolf approved DraftKings’ request. The approval authorizes DraftKings to subpoena the information behind the known IP addresses responsible for the attack.
DraftKings is now seeking user information and usage logs that will help it unmask the 10 people alleged to be behind the attack.
Besides ColoCrossing, DraftKings is seeking information from:
- American Registry for Internet Numbers
- NetActuate (service provider)
DraftKings Sportsbook prepares for football season
DraftKings is known as a leader in the daily fantasy sports market. Its New Jersey online sportsbook, however, is the company’s first real sports betting venture.
Ahead of the busy football season, it is leaving nothing to chance. That is why the court filing and aggressive action toward the perpetrators of the DDoS attacks are noteworthy.
The company is trying to prevent further attacks that have been plaguing the online gaming industry for a while now. It is also on a quest to reassure its customer base that their data and money is safe.
DraftKings plans to sue each person for a breach of the Computer Fraud and Abuse Act if the company is successful in unmasking its attackers.