SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
DDoS attacks on gaming providers are causing mayhem for players everywhere
Wed, 2nd Aug 2017
FYI, this story is more than a year old

The gaming industry is feeling the pressure of DDoS attacks, and none more so than over the last several weeks, a new blog from security firm Radware claims.

What are DDoS attacks?

DDoS attacks, otherwise known as Distributed Denial of Service attacks, are capable of taking entire networks offline. They do this by flooding servers with masses of information and requests. The servers aren't able to cope with the massive influx, and typically suffer from network outages and service degradation.

For gamers, this means disconnections or being completely unable to play a game.

Radware says that because gamers flock to new games and expansion pack releases, legitimate traffic floods often happen. This makes it difficult to block bad traffic without blocking genuine users.

“False positives and false negatives can create problems for legitimate gamers. If their traffic is identified as malicious, it results in the gamer experiencing a denial of service, while if traffic from a malicious user is deemed legitimate, it allows them to continue carrying out the attack,” Radware says.

Major DDoS have attacks hit EA, Riot Games, Enix Networks and Ubisoft in the last year

In 2016, EA, Blizzard and Riot Games all suffered DDoS attacks from two attack groups: Lizard Squad and Poodle Corp. The two groups were making money off their services and would also intentionally sabotage game releases such as Battlefield 1.

This year Enix Networks, which serves Final Fantasy XIV, has been the target for what Radware describes as an ‘advanced and persistent' DDoS attack, which varies its attack methods.

“The attacks appear to have started in parallel with the release of the second expansion pack, Stormblood, for Final Fantasy XIV on June 16th. These attacks have now transferred from targeting Square Enix's game servers to their upstream providers,” the company says.

Ubisoft was hit by DDoS attacks in June. The attacks affected games such as Rainbow Six Siege and Ghost Recon. While Ubisoft said at the time that the attacks caused high latency and limited connection to game servers, the attack wasn't a persistent attack.

NCSoft's Master XC Master multiplayer online battle arena (MOBA) game suffered DoS attacks, which also resulted in major latency and dropped connections. The attacks happened around the same time that the game was released, Radware notes.

Botnets are going to help DDoS attacks become much bigger

Radware says that DDoS attacks will continue to get bigger, as botnets and stresser services can be used to intensify the damage and scale. It's not only users and gaming providers that are affected – ISPs and network infrastructure providers also get taken down.

Radware stresses that gaming providers and ISPs should consider putting anti-DDoS solutions and emergency response plans in place.