OpenAI, the artificial intelligence company behind the development of ChatGPT, confirmed that its services had been hit by a DDoS attack. Since Tuesday, November 7, 2023, the company has been experiencing intermittent API (application programming interface) and chatbot outages, which were later confirmed to be the product of a DDoS attack.

These types of attacks are based on sending requests from different sources and in large quantities to a server or web service, in order to overload their processing capacity and crash the attacked service.

Because it is a distributed attack, it uses multiple attack edges and makes it more difficult to detect the origin of the requests to overload the server, making a DDoS more likely to evade the block than if it comes from a single source. They are more effective.

“We are experiencing intermittent outages due to an abnormal traffic pattern that reflects a DDoS attack. We are working to mitigate this,” the company warned in its incident log.

Services have returned to normal since Thursday, November 9, and the security incident has been resolved.

It all started the previous Tuesday with issues experienced by users of the OpenAI chatbot ChatGPT, which were attributed to “exceptionally high demand for the service,” something that naturally occurs due to the heavy usage that exists on the platform. But the next day the problems increased and OpenAI’s investigation ultimately revealed that they had been the victims of a DDoS attack that had left them out of action for several hours.

Most common motivations behind a DDoS attack

According to the BleepingComputer site, the group claiming responsibility for the attack is said to be Anonymous Sudan – which has been responsible for these types of attacks on OneDrive, Outlook and Azure Portal in the past – but there has been no official confirmation that this was the case. TROS; Yes, there are broadcasts on Telegram about this attribution.

“These types of attacks are widely used by so-called hacktivists, who put pressure on organizations motivated by ideological or political dissidence. In recent years, cybercrime has also started to focus on obtaining financial gain, through extortion and ransom demands in exchange for not carrying out these types of attacks. Something known as Ransom DDoS, and the practice or threat of a DDoS, has become part of cybercrime. the range of coercion that ransom groups exert on their victims.”, said Camilo Gutiérrez Amaya, head of the ESET Latin America research laboratory. (JO)