Monday, March 27, 2006
He's fascinating to talk to. After a couple of conversations with him I now win at the slots when I go to Vegas (really!). He's also shown me how some of the online gaming sites aren't sufficiently careful not to allow paired bets that guarantee that you don't lose.
Recently he has been doing research into cyberextortion. In the past few years we've seen a number of well-known companies be attacked by hackers interested in bringing down their online sales functions. It turns out that the online gaming industry is particularly vulnerable to these types of distributed denial of service attacks, where the company's servers are bombarded with enough false "requests" that legitimate business is lost in the shuffle or the servers are brought down.
These cyberextortionists contact the company and demand a payment for leaving the company alone for a period of time...or else they will bring down the company's servers during a critically busy time for the company. Companies are left with the decision of whether to pay (and face further blackmail in the future) or fight the extortionists (hiring consultants, buying additional online capacity, etc.) and run the very real risk that this strategy doesn't work and that they lose business during a busy time of year. Naturally these companies are reluctant to go public with their problems and risk losing their customers to competitors. Our cyberextortion researcher tells me that during Super Bowl weekend at least one major gaming site was unavailable...with no explanation forthcoming.
With the Final Four coming up (a good betting weekend, though it doesn't approach the volume of Super Bowl weekend) I'm guessing that the cyberextortionists will be at it again. If you are reading this from somewhere that online betting is legal, you might want to get those bets down early.
Who says that academic research has no application in real life? ;-)