Hacker group, Phantom Squad, have tweeted threats to bring down Xbox and Playstation this Christmas using Distributed Denial of Service Attacks. The hackers have already claimed responsibility for other outages on the gaming platforms earlier this year, as well as a recent Reddit outage. Tyler Reguly, Manager of Software Development at Tripwire have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Tyler Reguly, Manager of Software Development at Tripwire :
“DDoS attacks, like the one being threatened by Phantom Squad, are difficult for any service provider to deal with, regardless of their size. While the blame rests clearly on the attackers, there are things network operators can do to protect themselves.
Best Current Practice 38 (BCP38) describes a technique, ingress filtering, which would prevent the most common DDoS attacks (e.g. spoofed source addresses in UDP Amplification attacks). Unfortunately, not all service providers are willing to implement ingress filtering, which leaves the Internet open to these types of attacks.
Keep in mind that the RFC related to this was published in 1998 and the BCP in 2000. This means that we’ve had more than 15 years to implement this technique. Yet instead, we see continued attacks even as alerts are published by US CERT – First related to DNS Amplification in 2013 (TA13-088A) and then generic UDP Amplification 2014 (TA14-017A). These alerts reference BCP38 and its successor (BCP84) as viable mitigation options, with a recommendation that all network operators implement ingress filtering. That’s not to say that attackers won’t work around ingress filtering with newer methods and techniques but removing the low hanging fruit is always a great first step.
Unfortunately, none of this helps end users. If a successful DDoS is performed against a gaming network, gamers will only have two choices — Find a service that’s still connected or unplug. Luckily, we’re living in a time of a board game renaissance and there are plenty of interesting options available. A lot of gamers play for the competition or to solve a puzzle and today we have board games that extend beyond the Monopoly and Scrabble options that I had growing up. Parents of gamers may want to prepare for this potential outage by looking at quick, family friendly games like Sushi Go! Or Exploding Kittens.
For the more serious gamer, competitive games like Tokaido or Ticket to Ride may be appealing. Alternatively, Pandemic provides an excellent cooperative (co-op) option; eliminating the competition and pitting everyone against the game. While it may be upsetting for hardcore console fans, being prepared with a new board game may be a great way to start a new family holiday tradition.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.