Distributed denial of service (DDoS) attacks are not limited to enterprises; we have recently seen a string of DDoS attacks hitting the gaming industry, says senior engineer at F5 Networks, Martin Walshaw.
“The attacks have become more frequent, particularly in the professional gaming scene where large sums of money are available,” explains Walshaw, adding that this presents a fresh concern for competitive gamers, as Internet protocol addresses of individual players, as well as servers, being increasingly targeted.
DDoS attacks are designed to make a service unavailable to its intended users, according to Walshaw, they typically target banking sites and credit card payment gateways, but lately there has been a marked increase in attacks targeting gaming sites.
“InfoSecurity Magazine reports that in February the number of network time protocol (NTP) amplification attacks increased 371.43%. The average peak DDoS attack volume increased a staggering 807.48%, prompting Prolexic Technologies to issue a high alert threat advisory on NTP amplification DDoS attacks – but it was too late for Wurm and League of Legends.”
Walshaw cites a recent article on BBC News, which revealed that Wurm is among the latest games to have been hit, with an attack knocking the multiplayer servers offline for two days between 18 and 20 February. For the developer, this is a major inconvenience, he says, as the main selling point of the game is its multiplayer content – the more prolonged the attack, the more damage it does to the brand.
“For most gamers, these attacks are frustrating and inconvenient. Wurm’s creators were forced to migrate to new servers and offered a bounty of €10 000 for information that would lead to the perpetrator/s. Also in February, the League of Legends site suffered two DDoS attacks in 24 hours, described as the “biggest [attack] of its kind” against the game since its inception.”
However, notes Walshaw, in electronic sports competitions, which offer professional gamers considerable sums of money in tournaments, DDoS attacks are more than just an inconvenience; they can have a significant impact on the results of a game. Last year, several rounds of a popular DOTA 2 tournament had to be postponed after persistent DDoS attacks in qualifying rounds. In competitions where reactions delayed by a fraction of a second can result in failure and lost funds, a slow connection can be a serious issue.
“DDoS attacks are increasingly prevalent and show no signs of losing popularity with cyber criminals. Experts expect these enormous volumetric attacks will gain popularity due to the fact that they leverage existing DNS servers on the Internet – there is no need to recruit one’s own botnet, or even rent one,” he states.
“Large cyber-attacks are capable of knocking out business-critical applications that generate revenue and facilitate communications, which can have severe business impacts. Organisations that depend on their online presence for survival absolutely need to invest in security solutions that protect themselves, staff, customers and end-users against these attack vectors.”
According to John Grady, research manager for security products at IDC, DDoS attack methods have become much stealthier and are increasing in frequency, volume and application specificity. To ensure protection against these threats, he urges organisations to consider a defence-in-depth posture for DDoS defence. Grady adds that one important component is the on-premises appliance, key in detecting and mitigating advanced application, SSL and volumetric attacks.
“Whether these kinds of DDoS attacks are the work of mischief makers, sore losers or even attempts to sabotage rivals, is unclear. What is clear is that defending against DDoS attacks is not just the province of private and public sector businesses,” observes Walshaw.
He concludes that these attacks have become more prevalent and have amplified over the last year; we can expect to see a lot more of them, with even greater power, across different sectors, throughout this year.