Outage of OpenAI’s ChatGPT service is being blamed on a DDoS attack by pro-Russian hacking group Anonymous Sudan
Outages are still impacting OpenAI’s ChatGPT throughout Thursday, after outages emerged on Wednesday that saw a brief restoration of the service in the late afternoon.
The Downdetector website showed that the outage flared up again on Thursday morning, and is still ongoing on Thursday evening.
It is reported that ChatGPT is being subjected Distributed Denial of Service (DDoS), with the finger of blamed being pointed at a Russian linked hacker group.
On the ChaptGPT status webpage, OpenAI provided an update that confirmed it was a DDoS attack.
“We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack,” the firm said. “We are continuing work to mitigate this.”
The outages since Wednesday have impacted OpenAI’s tools and services, including the chatbot used by more than 100 million weekly active users and the API used by more than two million developers.
Earlier this week OpenAI held it’s first in-person event, where the company announced its most powerful artificial intelligence model yet, GPT-4 Turbo, a GPT store, as well as a new option allowing users to create customised versions of ChatGPT.
It was also revealed that more than 92 percent of Fortune 500 companies use the platform, up from 80 percent in August, and they span across industries such as financial services, legal applications and education.
And it is emerged that OpenAI has been targeted by Pro-Russian hacking group called Anonymous Sudan, after it claimed responsibility with screenshots from the group’s Telegram channel.
“Anonymous Sudan is a pro-Palestinian hacktivist group that Check Point have followed for some time,” wrote Sergey Shykevich, Threat Intelligence Group Manager at Check Point. “They are known to be strong allies of the notorious Russian group KillNet, which is considered a powerful, Russian attack group.”
“Anonymous Sudan is a conglomerate of hackers, originating from different locations and ideologies but working together to take down websites in an act of geopolitical defiance,” said Shykevich. “They claimed responsibility for a DDoS attack on OpenAI yesterday in response to the CEO’s past support of Israel. ChatGPT confirmed they had connectivity issues, which coincided with the planned launch of their ChatGPT store.”
High profile target
Meanwhile, Jake Moore, global cybersecurity advisor at ESET, pointed out that attacking a high profile target such as OpenAI will give hackers some form of kudos.
“Cybercriminals attack from all angles and are incredibly fearless in their attempts. DDoS attacks are a clever way of targeting a company without having to hack the mainframe yet the perpetrators can remain largely anonymous,” said Moore.
“This makes it that much more difficult to protect from when the landscape is completely unknown apart from having the strongest DDoS protection available,” said Moore.
“However, even with such protection, each year threat actors become better equipped and use more IP addresses such as home IoT device to flood systems making it more difficult to protect from and can make systems completely unusable.”
“Unfortunately OpenAI remains one of the most talked about and current technology companies making it a typical target for hackers wanting their own kudos,” Moore concluded. “All that can be done to future proof their networks is to continue to expect the unexpected.”