The Gaming Industry’s Latest Challenge: DDoS Protection

Like moths to a flame, hackers always go where the action is. As the COVID-19 pandemic drove work away from the office, businesses have faced one cyberattack after another on their remote work infrastructure. Meanwhile, a boom in virtual entertainment has brought a surge of players to the gaming industry. They, in turn, have brought a rise in DDoS attack activity.

Cybercrime rings are launching triple extortion campaigns combining DDoS attacks with ransomware and data theft. Meanwhile, ordinary gamers can rent a botnet easily and affordably, which allows them to cheat or disrupt competition with a DDoS attack of their own. The highly popular Titanfall 2 game has already been rendered virtually unplayable, perhaps by as few as one or two individual players. Its publisher has seemingly abandoned it and is now focusing on defending a newer title from similar attacks.

This escalating cyberattack activity poses an urgent challenge for the gaming industry: how can it achieve the level of DDoS protection needed to keep its products playable, rather than risk alienating the fans whose loyalty it depends on?

The DDoS Attack Menace

One of the most prevalent forms of cyberattack is a DDoS attack. It seeks to overload its victim’s network or infrastructure with a high-volume flood of illicit traffic from multiple locations at once. Often, these attacks are launched using a botnet. This is a network of computers and devices that have been infected by malware and recruited by cybercriminals.

A single instruction can direct thousands of botnet members to target a given IP address. This causes the victim’s systems to crash or leads its ISP to suspend service under a “noisy neighbour” policy to protect resources needed for other customers.

Far from an ad hoc, homegrown exploit, the DDoS attack industry is sophisticated and thriving. Cybercrime rings rent out DDoS-for-hire services that allow anyone to launch a DDoS attack quickly and inexpensively. A gamer can buy an attack for less than the cost of a can of energy drink, and it will last long enough to disrupt an opponent’s session.

At the high end, a botnet named “Simps” has recently been identified as part of the arsenal of the Keksec cybercrime organisation. Infecting IoT devices in tandem with BASHLITE malware, Simps is already being used to launch DDoS attacks on gaming targets.

The Gaming Industry Comes under Fire

While DDoS attack activity is on the rise, it’s a threat the gaming industry has faced for many years. As long ago as 2016, a teenager used a variant of the Mirai botnet to launch a DDoS attack against the Sony PlayStation platform. It cost the company $2.7 million in revenue.

Such exploits generally come in two forms: cheating or retaliation by individual gamers or financially motivated schemes by professional cybercriminals. In either case, the impact of these attacks is all too easy to see. In the case of Titanfall 2, continuous DDoS attacks have made the game all but unplayable.

The ease of launching a DDoS attack makes it a highly appealing tactic for unscrupulous players. By targeting an individual opponent, the attacker can render their session slow or unplayable. This gains them a significant competitive advantage.

Professional esports teams are vying for as much as $30 million or more in prize money in a single competition, which means there is much more than bragging rights at stake. Leading studios such as Respawn, Activision, and Ubisoft have banned gamers found to have used DDoS attacks to cheat. Ubisoft filed suit against the operators of four DDoS-for-hire services that had been used to launch attacks on its Rainbow Six Siege multiplayer servers.

Cybercriminals are also attacking game publishers

It is not just unscrupulous or disgruntled gamers who are the problem. Game publishers have also fallen into the crosshairs of the same cyberattack rings targeting industries from financial services to government and healthcare.

In those industries, attackers gain leverage from the critical—even life-and-death—importance of keeping systems available for account holders, constituents, doctors, and patients. Uptime can be nearly as vital in the gaming industry, where customers are often intensely engaged and heavily invested in their favourite titles and systems.

High sensitivity to latency and availability issues makes online gaming platforms a prime target for cybercriminals. They are increasingly using extortionate schemes such as a ransom-related DDoS attack (RDOS).

Ensuring High-Quality Play with DDoS Protection

When every millisecond matters, reactive DDoS protection measures prove ineffective for gaming industry victims. When a DDoS attack is discovered, legacy solutions often respond by clamping down on traffic to protect the targeted system from being overloaded. This sidelines legitimate players alongside hackers.

By the time the attack has been analysed and neutralised, the damage to customer sessions and the game’s reputation has already been done. Hackers increasingly deploy multi-vector exploits, which make it even harder for security teams to respond quickly and keep platforms available.

Rather than waiting for a cyberattack to happen, then responding, gaming platform operators must take a proactive approach to DDoS protection. This begins with Zero Trust, a security model based on the idea that organisations should not automatically trust anything inside or outside the network perimeter.

Before allowing access to its systems, the operator should perform multiple checks for legitimate access rights. Once inside, the player should continue to be checked to prevent authenticated players from going rogue. At the same time, continuous, real-time validation can’t be allowed to compromise the gameplay experience.

Essential elements of DDoS defence for the gaming industry reflect best practices for web security across every vertical. They include leveraging threat intelligence to block IP addresses known to host DDoS weapons, and blocking unauthenticated access as well as unwanted and unusual behaviour. One technique is to verify time-sensitive watermarks on every packet. Another is zero-day attack pattern recognition.
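One way a per-packet, time-sensitive watermark check can work, as an added example (not code from this article or from any vendor product): each game packet carries an HMAC tag over the session id, a coarse time slot and the payload, and the server drops anything that fails. The packet layout, tag length, slot size and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct
import time

TAG_LEN = 16                    # truncated HMAC-SHA256 tag (assumed size)
SLOT_SECONDS = 5                # assumed length of one time slot
HEADER = struct.Struct("!IQ")   # assumed layout: session id (u32), time slot (u64)

def watermark(key: bytes, session_id: int, slot: int, payload: bytes) -> bytes:
    """Tag binding the payload to one session and one time slot."""
    msg = HEADER.pack(session_id, slot) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def stamp(key: bytes, session_id: int, payload: bytes, now: float) -> bytes:
    """Client side: header || tag || payload."""
    slot = int(now) // SLOT_SECONDS
    tag = watermark(key, session_id, slot, payload)
    return HEADER.pack(session_id, slot) + tag + payload

def verify(keys: dict, packet: bytes, now: float):
    """Server side: return the payload if the watermark is valid and fresh, else None.

    Cheap checks (length, known session, freshness) run before the HMAC so
    that flood traffic is rejected with as little work as possible.
    """
    if len(packet) < HEADER.size + TAG_LEN:
        return None
    session_id, slot = HEADER.unpack_from(packet)
    key = keys.get(session_id)
    if key is None:                      # no authenticated session: drop
        return None
    if abs(int(now) // SLOT_SECONDS - slot) > 1:   # tolerate one slot of skew
        return None
    tag = packet[HEADER.size:HEADER.size + TAG_LEN]
    payload = packet[HEADER.size + TAG_LEN:]
    expected = watermark(key, session_id, slot, payload)
    if not hmac.compare_digest(tag, expected):     # constant-time comparison
        return None
    return payload

if __name__ == "__main__":
    # Constructed sample: one session key issued at login, one movement packet.
    session_keys = {7: b"\x01" * 32}
    pkt = stamp(session_keys[7], 7, b"move:1,2", time.time())
    print(verify(session_keys, pkt, time.time()))        # fresh packet accepted
    print(verify(session_keys, pkt, time.time() + 60))   # stale packet dropped
```

A tag stays replayable inside its time window, so a production design would also authenticate a per-session sequence number in the header.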

The gaming industry has thrived by providing deeply immersive, richly realised, and highly responsive experiences for players. By taking a proactive, zero trust-based approach to DDoS protection, gaming platform operators can keep cheaters and criminals from spoiling the fun for players and fans.


A10 Networks (NYSE: ATEN) provides Reliable Security Always™, with a range of high-performance application networking solutions that help organisations ensure that their data center applications and networks remain highly available, accelerated and secure. Founded in 2004, A10 Networks is based in San Jose, Calif., and serves customers globally with offices worldwide.
