OpenAI Acknowledges DDoS Incidents as Cause of Persistent ChatGPT Disruptions

OpenAI's API and the widely-used ChatGPT service have recently been hit by "periodic outages," which the company has attributed to distributed denial-of-service (DDoS) attacks. Over the last day, these disruptions have intermittently impacted the functionality of their services.

In a recent update, OpenAI acknowledged the issues, citing an "abnormal traffic pattern" consistent with a DDoS attack and stated ongoing efforts to counteract the problem. Users encountering these outages have reported seeing error messages indicating a failure to generate responses.

These incidents follow a series of service disruptions that OpenAI has grappled with throughout the past week. These include a significant ChatGPT outage that occurred on Wednesday, affecting the API, sporadic ChatGPT outages on Tuesday, and higher than usual error rates with Dall-E on Monday.

During Wednesday's outage, ChatGPT users were met with an alert informing them of "exceptionally high demand" and assuring them that work was underway to scale the systems to better handle user load. OpenAI continues to address these challenges as they work towards stabilizing their services amidst the heightened demand and targeted cyber-attacks.

Recent DDoS attacks have been plaguing OpenAI, causing notable service interruptions. Although OpenAI has not formally identified the culprits, a group called Anonymous Sudan has stepped forward with claims of responsibility. This self-proclaimed association with the outages was made on Wednesday, and they justify their actions by accusing OpenAI of displaying a political bias in favor of Israel over Palestine.

Anonymous Sudan boasted about the extent of the disruption in a message on their Telegram channel, pointing to widespread social media reports and challenging OpenAI to acknowledge the DDoS nature of the attacks. They also disclosed that they leveraged the SkyNet botnet, known for its stresser capabilities since October and recent inclusion of application layer (Layer 7) attack strategies.

Layer 7 DDoS attacks specifically target the top layer of the OSI model, overwhelming services with an unmanageable influx of requests, leading to performance issues or total service shutdowns. These attacks can be more crippling than network layer attacks as they exhaust server and network resources rather than just consuming bandwidth.

In a notable offensive this past June, Anonymous Sudan claimed responsibility for bringing down key Microsoft services, including Outlook.com, OneDrive, and the Azure Portal. Microsoft confirmed the attacks, referring to the group's actions under the identifier Storm-1359, and described their attack tactics, which include HTTP (S) flood, Cache bypass, and Slowloris methods.

Anonymous Sudan emerged in early 2023, vowing to strike against entities in opposition to Sudan. Since then, they have shifted their focus to a broader range of targets, including international organizations and government entities, leading to significant disruptions of web services.

Despite their claims, some cybersecurity analysts speculate a false flag operation, suggesting potential ties to Russian interests rather than a genuine alignment with Sudanese causes. These assertions remain part of the ongoing investigation and narrative surrounding the recent spate of DDoS attacks affecting global digital services.