It is being reported that, beginning June 16 and continuing through today, players of Final Fantasy X1V have noticed that the game isn’t performing as expected. The publisher has announced that an influx of players is not the issue and, in fact, they have been experiencing DDoS attacks from “an anonymous third party”. Robert Hamilton, Director at Imperva Incapsula commented below.
Robert Hamilton, Director at Imperva Incapsula:
One of the reasons why gaming networks are attacked is that the players themselves sometimes target the sites. There are two common reasons why a player would unleash a DDoS attack: to gain a personal advantage and to disrupt the game. There’s nothing unique about attacks on gaming servers. They’re the same type of DDoS attacks that strike banking servers, e-commerce servers and any other server.
DDoS Attacks fall into three main categories:
- Volumetric Attacks– These brute force attacks are the most common, including ICMP floods, UDP floods and spoof packet. They clog the pipes by flooding bandwidth and blocking access to online resources.
- Protocol Attacks– These attacks target online server resources, rather than bandwidth. They primarily affect communication equipment such as firewalls and load balancers.
- Application Layer Attacks– These are the most sophisticated types of DDoS attacks because they mimic human user behaviour. They’re hard to detect, but they’re capable of overwhelming the application server.
Because network layer attacks are the most common type of DDoS attacks, there are numerous ways to mitigate the threat. The basic idea is to have protection at the network level. Most gaming servers run on proprietary protocols that aren’t HTTP-based. That makes it critical to have a DDoS solution that operates on a network layer. In order to guarantee the stability and predictability of their service, and moreover, their reputation, organisations must deploy DDoS mitigation solutions. Cloud-based solutions for mitigation of DDoS attacks prove themselves very effective against modern DDoS attacks.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.