OpenAI is battling a service outage related to Russian hackers

OpenAI has linked the recent ChatGPT outage and its API to a distributed denial-of-service attack.

Photo credit: Adeel Ahmed/Shutterstock

ChatGPT was hit by a distributed denial-of-service (DDoS) attack on Wednesday, which OpenAI confirmed in a status update on Thursday. According to reports, the attacks were allegedly orchestrated by a group of Russian-backed cybercriminals calling themselves “Anonymous Sudan.”

“We are dealing with periodic outages due to abnormal traffic patterns due to DDoS attacks,” the company said. We are continuing our efforts to mitigate this situation. ”

According to reports, the group claimed responsibility for the Telegram attack in retaliation for OpenAI’s support for Israel.

A distributed denial-of-service attack is a malicious attempt to disrupt access to a target server, service, or network by overwhelming it with a large amount of internet traffic.

The issue surfaced on Tuesday amid reports of sporadic outages of ChatGPT and its API starting at 10:52 p.m. ET. While OpenAI says the issue was resolved by midnight, the outage started again.

“The API and ChatGPT are downgraded again and we are continuing our investigation,” the status update said, again stating that the issue was resolved later that night.

On Wednesday, starting at 8:52 a.m. ET, the outage began again and lasted nearly two hours.

“Between 5:42 a.m. and 7:16 p.m. PT, we found that the bug affected all services,” OpenAI said. We identified the issue and implemented a fix, and now we see that our service responds normally. ”

OpenAI did not respond to a request for comment.

“The easiest way to think about a denial-of-service attack is like a phone line,” David Schwed, chief operating officer of blockchain cybersecurity firm Halborn, said in an interview. "If you have 10 phones on your phone line and they call you from 20 phones at the same time, they’re clogging up the line and can’t answer the call.

Schwed explains, "It’s denial of service; If you have 10 GB of bandwidth, they’ll inject it with more bandwidth than the device on the other end can handle. ”

He added that because DDoS attacks come from different locations at the same time, their distributed nature is nearly impossible to stop with IP filtering or blocking.

“It’s just from millions of infected machines and IoT devices that initiate HTTP queries, pings, or any queries against servers or routers,” he said. He added that the network operations center notices that someone is making a mistake before the information arrives. The amount of abnormal bandwidth consumed by the end user is based on.

Schwed warned that while COCs have the means to divert “bad traffic,” an attack large enough could also cause these machines to go down, adding that companies may have to wait until the attack is over.

While denial-of-service attacks may be new to AI chatbots, the blockchain industry has been dealing with this form of cyberattack for years. The popular Solana network was the target of a series of attacks.

In September 2021, a denial-of-service attack took the network down for more than 17 hours. In May 2022, Solana was again attacked by a bot swarm called “Candy Machine”, which launched a denial-of-service attack on the network. In June 2022, Stepn, a Move-to-Earn game on the Solana network, was hit by a distributed denial-of-service attack.

After a rough July 2022, the Solana Foundation told Decrypt in an email that the company has achieved 100% uptime and a significant improvement in network performance since February of this year.