OpenAI blamed apparent DDoS attacks for this week’s outages to its popular ChatGPT service, and a hacktivist group took credit for the attacks.
DDoS (distributed denial-of-service) attacks are usually aimed at crippling websites or networks by flooding them with illegitimate traffic.
The hacktivist group that claimed on Telegram to have targeted OpenAI with DDoS attacks is known as “Anonymous Sudan.” Earlier this year, the Russia-linked group claimed responsibility for taking down a number of Microsoft cloud services.
OpenAI posted at 12:03 p.m. PT Wednesday that it was investigating “periodic outages across ChatGPT and API.”
A fix was implemented within an hour of that posting, but by 5:23 p.m. PT, OpenAI said outages were continuing to affect its services.
In an update at 7:49 p.m. PT Wednesday, the company disclosed that “we are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack.”
“We are continuing work to mitigate this,” the company said in the update.
The ChatGPT service appeared to be working normally as of this writing Thursday afternoon, CRN found.
In addition to the impacts to the ChatGPT app itself, it’s also a major concern that the outages have affected technologies that utilize the ChatGPT API, said Dean Webb, cybersecurity engineer at identity and access management vendor Merlin Cyber, in an email.
This is especially true in cases where a critical security tool has its functionality impacted as a result of the outages, Webb said.
While DDoS is not among the more sophisticated types of cyberattack, the attacks can still create significant disruptions, even for security-focused organizations.
For example, in June, Microsoft confirmed that the DDoS attacks claimed by Anonymous Sudan were responsible for the series of outages to several of its major cloud services, including Microsoft 365 and the Azure portal.