An online investigation conducted by BBC in cooperation with Netcraft internet security firm to track malicious attacks on UK's top 20 betting sites has detected a total of 33 outages in two weeks.
UK bookmakers tracked for DoS attacks
An online investigation conducted by BBC in cooperation with Netcraft internet security firm to track malicious attacks on UK's top 20 betting sites has detected a total of 33 outages in two weeks, according to BBC.
Netcraft monitored website performance by timing how long it takes a specific server or website to respond when sent a packet of data. It monitors the response times via servers sited in different hosting centres around the world. Servers being monitored were sent query packets every 15 minutes.
Only five bookmakers out of twenty have had no outages over the monitoring period.
Some outages did not last long and occurred late at night and were probably connected with site maintenance rather than an attack. '
The sites being monitored included Capital Sports, Total Bet, Sporting Odds, William Hill, Victor Chandler, Bet365, Paddy Power, Betdaq, Betfair and other sites popular with punters.
About half of outages occurred during the day and many had shown a characteristic pattern of a web server struggling to cope with the requests.
Sometimes this occurred due to heavy traffic during big events UEFA cup matches. Occasionally the outages were caused by a Denial of Service attack.
In a DoS attack, a server is deluged with malformed requests for information from thousands of PCs at the same time.
When this happens the response time of the server climbs before it stops reacting once it has been overwhelmed. Soon after, it recovers and the cycle starts again. Some sites were out of action for hours.
Betting sites contacted by BBC News Online when these outages were taking place declined to comment on what was causing the problems.
Mike Prettejohn, president of Netcraft, said: "In the general case, we can't say authoritatively why a site isn't available, just when it isn't available."
He said surges in response times followed by an outage could be the result of a routing problem, bandwidth congestion, or server overload.
However, the response times from the betting sites became easier to interpret when several sites admitted that they had been targeted by the extortionists.
William Hill, Betdaq, Totalbet and UKBetting all said that they had been attacked or received extortion demands by criminals.
Gambling sites have been targeted because so many of the events they offer odds on are time-limited.
"We knew we would be a target at some stage," said William Hill's spokesman.
"The crux is that we will not give into extortion," he said, "we never have and never will."
The spokesman added that DoS attacks on betting sites by extortionists are a global problem.
Irish bookmaker Paddy Power was also attacked during the Superbowl.
The attacks seemed to be well co-ordinated as the servers being targeted were overwhelmed very quickly.
Once attacked the websites of the gambling sites stay offline for hours.
A spokesman for the Bookmakers Fraud Forum declined the chance to comment as he did not want to give away any information about police investigations into attacks.
A spokeswoman for the National Hi-Tech Crime Unit said: "The NHTCU is well aware of these attacks and has been investigating UK cases since the autumn.
She added: "We are working closely with the UK bookmakers in tracing and tracking down the perpetrators."
She said she could not add any more details because the investigations were active and ongoing.
Rob Pollard, from security firm Arbor Networks, said in many cases bookmakers would struggle to cope with a DoS attack because the connection to their net service provider will be swamped by bad traffic.
"It became clear quite a few years ago that DoS attacks are a service providers problem," he said. But, he said, tools existed to help net providers spot DoS traffic and stop it causing problems for net users.
