According to Statistica, approximately 50% of adults in the United States have placed bets on sporting events at least once in their life. That’s a lot of betting. Online gaming is huge and growing at an exponential rate. It is expected to grow into a 93 billion dollar global industry by 2023.
It’s estimated that gross gambling yield (the amount gambling establishments receive after payouts) is more than $400 billion annually. More than $117 million wagers for the Super Bowl LV came in on NFL betting apps, a substantial increase of 116% from the previous year. And while it seems the sports betting industry has skyrocketed into mainstream culture, it didn’t start out that way.
Before the legalization of betting, the sports betting industry was pushed underground into dingy bars, basements, and back alleys. Sports betting was known for its hand in criminal activity, connected closely with organized crime. But it seems that the legalization of online sports betting hasn’t stopped the attempts to make off with serious money. Online hacking, attacks, and malware have become a continuous fight for mainstream betting platforms. What was once known for localized, targeted attacks by criminals has become an international concern for betting platforms.
What are the security threats when betting online?
As technology continues to evolve, gambling platforms need to ensure online safety and security for their users. After all, a multi-billion dollar industry can’t afford compromised platforms. There are multiple ways an individual can attack a website, with the severity of the attack depending on the online security of the platform. To understand the significance of each threat, it’s critical to understand what each does, how it breaches security, and how you might lose your money as a result.
DDoS and Ransomware Attacks
A DDoS is formally called a distributed denial-of-service. In simple terms, this attack tries to extort money from a company (or individual) by threatening to block out access to the service. Usually, the attacker will send the company a ransom letter demanding money or the loss of the website.
How does it work?
Assuming the threat is accurate, the hacker will spend excessive traffic to the website of the target. The substantial increase in website traffic is identical to traffic on a highway. Eventually, the route stops moving; you can’t go anywhere, become angry, and sit for hours. As the website becomes overwhelmed with traffic, it crashes. Alternatively, a sports betting website may become so oversaturated the speed slows to a crawl, making it impossible to access for time-sensitive betting.
The SQL Injection is a standard attack with hackers, giving access to customer details (including your financial information and account status). Chances are if you’ve heard of a company breach on the news, it was the same style of attack. A successful attack reveals personal information; credit cards, addresses, IP addresses, account balances, and sports betting details. A breach of this magnitude would be fatal for any online gambling platform.
How does it work?
For the attack to be successful, the hacker must find a vulnerable spot within the user inputs on the website. The content of the SQL commands propagates through these areas, with malicious commands executed in the database. This attack works by manipulating the backend database to reveal information that was never intended for display.
Identity Theft and Account Compromise
Identity theft occurs when an individual uses your information in an unauthorized way. This theft can include fabricated accounts (using your information to create a sports betting account), accessing your account after a SQL Injection, altering your bankroll online, or closing the account.
How does it work?
Account information is harvested through SQL Injections or other breaches in security. Once collected, hackers will offer this information (including your personal details, credit cards, account log-in and saved passwords, balances, and ongoing wagers) on the dark web. With usernames and passwords, purchased accounts are easily accessed through the website.
What can users do to protect themselves when betting online?
While a website can have safety and security against outside threats, a level of the onus is put on the account holder. Ensuring the online betting site is licensed can reduce your risk online. A licensed platform must follow strict rules, regulations, and standards, keeping you as safe as possible online. You’ll also want to ensure your passwords are encrypted; stored in a closed, secure database. Many casinos store passwords in their raw form, leaving your account vulnerable to hackers.
Account verification is crucial to your security, especially when performing financial transactions. Look for a website that requires verification online, whether driver’s license, passport, or other photo ID. Always take advantage of the setting if the platform offers two-step verification (it will require a cellphone or email confirmation to access the account).
How do the best betting sites protect themselves from threats?
There are a few different methods of preventing such attacks, depending on the threat to the online gaming website. A ransom or DDoS attack will use IP blocking (preventing access to the IP address), rate-limiting (which controls the site’s traffic), and blackhole routing. Finally, the DDoS protection service is the most successful, especially against highly distributed attacks.
Thanks to the commonality of these SQL Injections, protection has become simplified online. The first is ensuring input validation. This process checks that all accounts are being completed according to rules (for instance, five digits for zip codes). Companies will also have web applications or server-based firewalls that work to encrypt all information online.
An essential security feature offered by sports betting platforms is SSL encryption. SSL encryption works by garbling any data shared between you and a website, making it unreadable to anyone that tries to access the information. This security includes credit card details or other private account details. Random sequences of letters, numbers, and symbols are shown in place of the actual information.
Pushing Past Industry Standards
Although it’s difficult to determine the exact value of online sports betting, it’s estimated that sports betting makes up nearly 40% of the entire global gaming market. The continuous development of legalized gaming platforms supports the predicted explosion of the market over the next two years. Following similar standards to financial institutions serve as a benchmark for online security for online gambling in general. As the market continues to flourish, so do the online safety protocols needed to keep both platform and user safe online.
Advertising disclosure: We may receive compensation for some of the links in our stories. Thank you for supporting LA Weekly and our advertisers.