A suspected cyber attack has caused significant outages on ChatGPT and its application programming interface, affecting users on November 8. OpenAI, the organization behind ChatGPT, suggested that the outages were due to a distributed denial-of-service (DDoS) attack and a group named Anonymous Sudan has claimed responsibility for the attack. The hackers accused OpenAI of having a bias towards Israel and against Palestine, prompting them to carry out the attack.
Anonymous Sudan, according to Trustwave SpiderLabs researchers, is believed to be a sub-group of the pro-Russian Killnet threat group. The group has conducted multiple attacks across industries and targeted various global organizations and agencies. There is little evidence to suggest that the group is financially motivated, and its targets often align with those opposed by Russia. Despite its name, Anonymous Sudan is not believed to have any connection with the traditional Anonymous operations group.
OpenAI initially addressed the outages by posting an incident report on November 8, followed by updates indicating that the issue was being investigated and a fix had been implemented. However, periodic outages continued to persist, leading OpenAI to confirm that the abnormal traffic pattern was reflective of a DDoS attack. ChatGPT itself seemed unaware of any issues when asked about the outages, emphasizing that everything was running smoothly.
It is evident that the cybercriminals behind DDoS attacks are becoming increasingly bold and adept at targeting organizations without being easily traced. Jake Moore, a cybersecurity advisor at ESET, acknowledges the risks posed by such attacks to companies like OpenAI and emphasized the need for proactive cybersecurity measures.
In response to the evolving threat landscape, experts like Donny Chong from Nexusguard emphasize the need for organizations to adapt and implement robust DDoS protection. This includes reducing attack surfaces, implementing rate limiting and real-time threat monitoring, and incorporating Anycast routing to defend against surging attacks.
As cybersecurity threats continue to evolve, organizations that rely on technologies like ChatGPT must remain vigilant to protect their digital infrastructure. Proactive measures and strategic defense mechanisms are crucial to safeguarding against potential attacks in the future.