Customers trying to buy tickets for the €12 million (US$13 million) Ireland Lotto draw found themselves unable to do so for nearly two hours.
The jackpot was the largest in 18 months.
Premier Lotteries Ireland (PLI), the Lottery's operator, has said the incident is under investigation.
During a DDoS attack, a website or online service's capacity to handle internet traffic is overloaded — usually by automated programs set to flood the site with requests.
The attack began at 11:21 GMT on Wednesday and lasted for about two hours.
Retail systems were brought back online by 12:45 GMT and the website by 13:25 GMT.
"They said you couldn't buy tickets from the ticket machines, which is really interesting, it's not just the website — it would be quite interesting to understand why that happened," said John Graham-Cumming at DDoS-protection company Cloudflare.
Fortunately for people unable to play for Wednesday's jackpot, nobody won in that drawing, giving an opportunity for players to win an even higher €14 million jackpot Saturday night.
'Under investigation'
"This incident is still under investigation," a spokeswoman said.
"However, we can confirm that at no point was the National Lottery gaming system or player data affected."
Given the large jackpot involved, the lottery was experiencing high demand for tickets on Wednesday lunchtime.
The impact of the attack may well have been heightened by this, according to Igal Zeifman, senior digital strategist at cybersecurity company Imperva.
"As a rule, record-setting prizes and jackpots result in traffic spikes on lottery sites, and it is very common for DDoS attackers to strike during such predictable peak traffic times, especially when going after big targets," he said.
I'm guessing the website crashed under regular high demand.
Camelot's servers and terminals in the UK have crashed few times before.
And now that they also run the irish lottery...
I think you should read the article. Camelot does not operate the Ireland Lottery. And it was not "regular high demand" that brought down the systems.
I doubt a consortium of owners that is comprised of Camelot would ignore the savings of streamlining the process.
"On 3 October 2013, Minister Howlin announced that the government had agreed to sell the National Lottery licence for €405 million to Premier Lotteries Ireland, a consortium comprising An Post, An Post pension funds, and the Ontario Teachers' Pension Plan(owner of the Camelot Group, operators of the UK National Lottery).[9] Dermot Griffin, head of the An Post National Lottery Company since 2006, was appointed chief executive of Premier Lotteries Ireland. Other existing senior management were also retained. Executives from the Camelot Group, the Ontario Teachers’ Pension Plan, and An Post were appointed to the board of the new company"
https://en.wikipedia.org/wiki/National_Lottery_(Ireland)
The article does not give much information as to how exactly this was an attack, aside from jumping to conclusions that it was an attack. "The attack began at 11:21 GMT on Wednesday and lasted for about two hours." might just as well be a surge in demand for an unusually high jackpot.
It might have been so, because:
"The jackpot was the largest in 18 months."
But there is a chance that instead it might have been a "Denial Of Service Attack", in our end here: How would we know?
-------
I don't know anything at all about such things, but isn't there a way to filter-out (block) some requests while at the same time letting others go thru, assign particular priorities to requests according to some criteria and filter in and out according to such assigned priorities, at least for some time and then switch in and out for given periods of time, like allow requests to come thru for only a given time and then give other requests a chance to come thru also for a given time and then alllow newer requests to come in for a time.
It's weird to see comments accusing the story of being false, but maybe that's just because it's a technical issue. As someone who has experienced DDoS attacks, I know what they are like and the Ireland Lottery did experience it. I tried to access their site during that time myself and saw CloudFlare trying to deal with it.
Todd, of course it could have been a DDoS attack, but the same CloudFlare "checking your browser" also came up on thelotter when it was under heavy load. Frankly, I wouldn't put it past Camelot to cover their behinds by claiming"attack on servers" as they have screwed up multiple times in the past. Add to that that after the sale of the Irish Lottery to the Consortium of Camelot and others that Camelot installed new terminals and infrastructure.
Oh, but thelotter WAS hit with a DDoS attack. I talked to them about it as it was happening. So there goes your assumptions.
Maybe you should try to believe me. Without patting myself on the back, I'm somewhat of an expert in the technology field.
Then I wonder why thelotter didn't make it public but Camelot did.
It's not that i don't believe you Todd, it's more that I am a mindful objectionist.
As a private company they have no need to announce anything that they don't want to. Maybe they'll be upset with me for writing publicly about it. Hopefully not.
It's great to be skeptical, but not when rejecting wise council.
lol.
That makes me wonder:
How much can take the server?
What happens when the server receives too many requests?
Some program might drop the security, what happens on the server?
What comes with the attack, what is the goal, how is it done?
The server crashes after receiving too many requests. DOS attacks are kid stuff, but DDOS can be a big pain since the attacker usually creates a botnet with hundreds or thousands of hijacked PCs (zombie PCs) prior to launching a DDOS attack. Programs like Trinoo, a Unix-based DDOS tool, and Wintrinoo, Windows-based program simply overwhelm the server with massive fake requests until it crashes. These programs are not only free, but widely available online.
Having a good firewall and a hard to guess password usually prevent you from becoming a victim of a DDOS attack. If your password can be found in a dictionary? You are screwed. A hacker can turn your PC into a zombie, then you will be doing your master's bidding without your knowledge, hence the name.
There was one winning ticket for last night's Lotto jackpot worth over €13.7 million.
The National Lottery have said the winning ticket was sold in Careys, Main St., Belmullet, Co Mayo.
It was a €10 Quick Pick and was purchased yesterday.
The winning numbers were: 10, 12, 13, 19, 43 and 45.
The bonus number was 05.
Lottery fever gripped the Co Mayo town of Belmullet yesterday - with speculation mounting as to the identity of the winner of the massive €13.7m jackpot.
The €10 Quick Pick ticket was sold by local shop, Carey's - the second major lottery winner sold in the store in the past six months.
A €500,000 Euromillions ticket was sold there in August, while the shop also sold a winning ticket worth €350,000 in 2012.