Protection rackets hit online gambling
Criminal gangs based in eastern Europe are playing a nasty game with Internet gambling companies. With help from skilled network vandals, they're knocking the betting sites offline, then demanding huge extortion payments to halt their digital attacks.
The betting service eHorse found out the hard way last October, when visits to the website dropped to nearly zero. "We just couldn't figure out why our system wasn't working," said Kevin Martin, the site's gaming consultant.
Prior to the attack, eHorse had profitably served gamblers worldwide from its headquarters in San Jose, Costa Rica. "We take bets on horse races, basically," Martin said. "North American horse racing, primarily." Dozens of other Internet gambling companies have set up shop in Costa Rica, where gambling laws are lax and Internet connections good -- until last October, when the network crashed. The breakdown puzzled eHorse executives, but not for long.
"We get an e-mail," Martin said, "an extortion e-mail, saying, `We've got control of all your system. If you want to get your system back, pay us $30,000, and we'll stop doing it, and we'll protect your system from anybody else.' " The attackers added instructions to send the payoff in multiple installments to several locations in Russia via Western Union.
In the "Godfather" movies, Michael Corleone moved his crime family from New Jersey to Las Vegas to cash in on the 1950s gambling boom. In the same way, eastern European mobsters want a piece of the action in online gambling. And there's a lot of action. Peter Rendall, president of Top Layer Networks, Inc., an Internet security company in Westborough, estimates that online gambling generates $15 billion a year worldwide. "Clearly, there's money to be had in this industry, and there's now a lot of syndicated crime," Rendall said.
The criminals may be using computers, but they're running one of the oldest of all scams -- the protection racket.
A skilled attacker can shut down a site with help from "zombie" computers -- mostly home machines connected to broadband networks and infected with virus programs. Computer security experts say hundreds of thousands of computers have been "zombiefied" without their owners' knowledge. These machines are used by criminals to launch their attacks. A few typed commands, sent from anywhere on earth, can tell the zombies to send a flood of useless data to a targeted computer. If 50,000 computers do this simultaneously, the target is overwhelmed; nobody's data gets through. It's called a "denial of service" attack, and it's the reason eHorse wasn't taking any bets that day in October.
Desperate to keep the money flowing, some companies pay up. "When it was a low-level thing, I paid $500 one time," said Mickey Richardson, general manager of another Costa Rican casino,
BetCRIS.com. "Now the going rate is $60,000 to $100,000." Again, the crooks planned to use Western Union -- "$3,000 payments in 20 increments, to someplace in southeastern Europe," Richardson said. But paying up doesn't solve the problem. Once the criminals identify a gaming site as a soft touch, they'll keep coming back for more. A favorite tactic is to threaten an attack right before a major sporting event such as the Kentucky Derby or Super Bowl, when the betting action peaks.
The bad guys don't just harass Costa Rican sites. In Britain, online gambling companies have also received extortion demands. "They decided they wouldn't pay up," said Felicity Bull, spokeswoman for Britain's National High-Tech Crime Unit. Instead, the gambling firms called the cops.
Bull said because the extortionists are located in eastern Europe, outside of her agency's jurisdiction, there are limits to what they can do. The agency hopes to build a case, then hand over the information to police in the relevant countries. "At the end of the day, it's extortion," Bull said.
But Costa Rica is a poor country that can't afford to investigate shadowy bands of international criminals. "There isn't an agency with the resources to go after someone like that," Martin said. And though many of the Costa Rican sites are run by Americans, they set up shop in San Jose precisely to evade US law. While there's no US statute against Internet gambling, the Justice Department believes that a ban on telephone-based betting also applies to the Internet. At least one federal judge has disagreed, but the issue remains unsettled. Still, one thing is clear: The Costa Rican casinos can expect no help from the FBI. Indeed, a Boston spokeswoman for the bureau said the FBI isn't investigating any such cases at this time.
That's why the gamers are looking to their own defense. They're signing up with Internet services designed to fend off denial-of-service attacks. "What we did was build a . . . data fortress," said Barrett Lyon, chief technology officer of DigiDefense International, a Costa Rican firm that specializes in securing the gambling sites. DigiDefense has so much Internet bandwidth, located in places such as Phoenix, Miami, and Amsterdam, that it becomes extremely hard to generate an attack large enough to knock the gamers off the air.
Some of the technology used by DigiDefense comes from Top Layer in Westboro. The company makes a product that can tell the difference between legitimate Internet traffic and an extortion attack. The real stuff is allowed into the website, while the streams of bad data are dumped. Peter Rendall boasted that his software has defeated the most concentrated attacks. "Every single one that we protected remained up during the Super Bowl," he said.
Rather than pay protection, eHorse signed up for the DigiDefense service. So far it's working. "We've faced at least half a dozen big attacks from these people," Martin said, "and the DigiDefense solution has worked well for us."
But Rendall of Top Layer says there're still plenty of Internet casinos worldwide that are ripe for the plucking. And while gambling sites are favored targets, the extortionists could use the same tactics against any kind of online business.
"This is going to become a significant problem going forward," Rendall said. "It's not going to end tomorrow."
