This post reveals why the gaming industry must be proactive about DDoS attacks.
The gaming industry has always been under siege. Consider how old the term “booters” is. The pace of attacks shows that their complexity and scale are increasing.
At a time when booming popularity should mean the best of times for publishers, their games are facing endless DDoS attacks by adversaries ranging from cybercrime rings to run-of-the-mill cheaters and trolls seeking to disrupt competition.
Botnet rentals have lowered the bar for entry-level DDoS artists, while more sophisticated attackers are combining DDoS attacks with ransomware in ransom-related DDoS attacks (RDOSs), and adding data theft in lethal triple extortion campaigns. The crippling of the once popular Titanfall 2 title shows the potentially devastating impact of such attacks, as compromised systems made gameplay virtually impossible.
To protect their business and retain their fans, publishers need to raise their game against DDoS. If the recent hack of the Twitch game streaming service is any indication of the industry’s current state of cybersecurity, they’ve got a long way to go.
Even seven years after its acquisition by Amazon, the company’s defenses were weak enough to allow hackers to gain seemingly unlimited access to its systems. The attack was a dramatic success, reaping everything from three years of creator payout records to the entirety of the platform’s source code.
The DDoS threat is hardly an invincible final boss no publisher could hope to defeat; in spite of its widespread and escalating prevalence, a multi-layered approach to DDoS protection can be highly effective in keeping these attacks from interfering with gameplay. The first step is to understand the nature of the threat.
Why DDoS Is So Devastating To Online Gaming
Amid a crowded threat landscape, the menace of DDoS attacks stands out by targeting game publishers where they’re most sensitive: user experience. After all, even the most brilliantly designed and vividly rendered game will fall flat if it can’t meet the demanding expectations of gamers using top-of-the-line hardware. Slow down the publisher’s network, and their business will soon follow.
The way a DDoS attack works is simple: the victim’s IP address is targeted with a high volume of bogus traffic from multiple locations at once, often using a botnet, to overload its network or infrastructure and slow or crash its systems.
As one of the simplest and most popular forms of cyberattack, DDoS is commonly used against organizations from financial services to government and healthcare, where keeping systems up and running can have critical importance. To gamers, latency and availability issues can feel like a matter of life and death as well.
For an unscrupulous or disgruntled gamer, paying a DDoS-for-hire service can be a quick and affordable way to undermine a foe or lash out against a competition. This is no theoretical threat; studios including Respawn, Activision, and Ubisoft have been forced to ban gamers for using DDoS attacks to cheat, while Ubisoft has sued the operators of four such services used to launch attacks on its multi-player servers for Rainbow Six Siege.
Keeping Games Playable With Proactive Protection And Zero Trust
The discovery of a DDoS attack can put game publishers in a bind. The traditional response would be to clamp down on incoming traffic to the targeted system—but this amounts to doing hackers’ work for them, shutting out legitimate activity alongside illicit packets while security analysts scramble to find an effective way to stop the attack.
On the other hand, they can’t just sit by and watch their platform grind to a halt. Either way, the damage is done. Sessions are disrupted, gamers are frustrated, and the publisher’s reputation has taken a significant hit.
To ensure an uninterrupted, high-quality experience for players, game publishers and hosters need to shift from legacy reactive measures to modern proactive protection to even the odds. Taking a zero trust approach to security, they should assume that a threat can originate anywhere inside or outside the network perimeter—and act accordingly.
Players (and bots) should be screened through multiple automated checks before being granted access, and continuously checked throughout their session for DDoS characteristics to ensure that an authenticated player won’t launch a sneak attack.
For comprehensive DDoS defense, a Zero Trust strategy should be complemented by additional automated defenses and best practices for web and application gaming security. These include:
- Leveraging comprehensive and dynamic threat intelligence to block known bad IP addresses hosting DDoS weapons
- Applying baselining, artificial intelligence (AI)/machine learning (ML), and pattern recognition to detect and block traffic with unusual or suspicious characteristics, such as behaviors associated with the orchestration of a distributed attack
- Performing real-time watermark inspection on all traffic from the internet to the gaming server to prevent reflected amplification—a common tactic to magnify the impact of an attack
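To make the watermark inspection item concrete, here is an added example that is not from the original post or from any vendor's product. It assumes a hypothetical scheme in which the login service gives each authenticated session a key, the game client tags every UDP datagram with a truncated HMAC, and a filter in front of the game server drops anything without a valid, fresh tag. The packet layout, key names and sample bytes are constructed for illustration.

```python
import hashlib
import hmac
import struct

MASTER_KEY = b"constructed-demo-master-key"  # assumption: known only to login service and filter
HEADER = struct.Struct("!II")  # assumed layout: session id, unix timestamp
TAG_LEN = 8                    # truncated HMAC-SHA256 tag
MAX_SKEW = 30                  # seconds; bounds replay of captured packets


def session_key(session_id: int) -> bytes:
    """Per-session key the login service hands to an authenticated client."""
    return hmac.new(MASTER_KEY, struct.pack("!I", session_id), hashlib.sha256).digest()


def _tag(key: bytes, header: bytes, payload: bytes) -> bytes:
    return hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]


def watermark(key: bytes, session_id: int, now: int, payload: bytes) -> bytes:
    """Client side: prepend header and tag to an outgoing game datagram."""
    header = HEADER.pack(session_id, now)
    return header + _tag(key, header, payload) + payload


def inspect(datagram: bytes, now: int):
    """Filter side: return the game payload, or None if the datagram is dropped."""
    if len(datagram) < HEADER.size + TAG_LEN:
        return None
    header = datagram[:HEADER.size]
    tag = datagram[HEADER.size:HEADER.size + TAG_LEN]
    payload = datagram[HEADER.size + TAG_LEN:]
    session_id, ts = HEADER.unpack(header)
    if abs(now - ts) > MAX_SKEW:
        return None  # stale or replayed
    # The filter re-derives the session key, so it keeps no per-session state.
    expected = _tag(session_key(session_id), header, payload)
    return payload if hmac.compare_digest(tag, expected) else None


# Constructed samples: one watermarked game packet and one DNS-response-shaped
# datagram of the kind a reflector would send toward the game server.
NOW = 1_700_000_000
GAME = watermark(session_key(42), 42, NOW, b"\x01move:12,7")
REFLECTED = bytes.fromhex("1a2b81800001000a00000000") + b"\x00" * 200
```

Because reflectors only echo protocol responses and never hold a session key, their traffic fails the check regardless of volume, while legitimate packets pass without the filter having to rate-limit the game port.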
With record-setting sales, a new generation of consoles, and developers pushing new levels of creativity, the gaming industry can’t afford the distraction and disruption of DDoS to stall its momentum. By getting proactive about DDoS protection, they can deliver the best experiences for players—and the best results for their business.
- The Gaming Industry Must Be Proactive About DDoS Attacks - January 5, 2022