Distributed-Denial-of-Service (DDoS) Disrupted Gaming Industry During the Holiday - What You Need to Know

Play games

During the Christmas holiday, the Xbox and PlayStation networks at Sony and Microsoft game websites were taken down by a group of hackers called Lizard squad. This attack put thousands of users out of game playing. What a bummer huh?

Originally, the FBI blamed the North Koreans for taking down the network--that is another story, but had since revised their assessment when the Lizard squad claimed responsibility for the attack.

This kind of attack is called distributed-denial-of-service (DDoS). The impact resulted from such attack can be serious to the business than just causing a mere nuisance to the end-users. For example, this DDoS attack [incurred $30000-a-day Amazon cloud hosting service charge](This kind of attack is called distributed-denial-of-service (DDoS){:targetet="_blank"}.

What is (Distributed) Denial-of-Service?

Imagine you are a gamer in this incident. Some of the functions in the game console rely on the Internet connection to the gaming site. You can't play any of your games if there is too much traffic, and the servers shut down because of it. In the Chinese activist case, the DDoS attack delivered 2.6 billion requests per hour.

(Distributed) Denial-of-Service or (D)DoS is very common security attack. Please check out this interactive map to see attacks happening in real-time around the world.

Why attack?

One must be curious to understand what cause an individual or a group of people carry out such attacks.

HELP MANKIND

Believe it or not, the Lizard squad said that they were doing people a favor by “forcing” them to spend more time with family and friends during the holiday instead of playing online games. While there might be some truth to this, many gamers rejected this claim, stating that they, in fact, enjoyed time with their family by playing games together.

FORCE BIG COMPANIES TO UPGRADE THEIR SECURITY

In an article from Business Insider, interviewed hackers said they took down PlayStation Network and Xbox Live “for the laughs,” but eventually the hackers found a cause to rally behind — forcing these companies to up their game and upgrade the security on their networks.

DISRUPT BUSINESS

In another article from the Daily Mail, Sony's vice president Catherine Jensen said: 'PlayStation Network and some other gaming services were attacked over the holidays with artificially high levels of traffic to disrupt connectivity and online gameplay.'

FOR THE FUN OF IT

Sometimes hackers infiltrate the network just for the fun of it, to get their 15-minute of fame and to show off their technical prowess. They take the network down with DDoS just so the world knows about it, which in many cases we do.

The 3 categories of DDoS and mitigation against such attacks

The biggest issue about DDoS is its distributed nature. It is fairly common that the sources of attack come from all over the world, as seen in this map. It is not possible to block a particular packet source by country or other dummy methods.

To understand how we can protect against DDoS attack, first we must understand the different types of DDoS because every type of attack requires a different type of protection.

DDoS attacks are divided into volumetric, TCP, and application attacks.

VOLUMETRIC ATTACKS

Volumetric attacks are based on high amount of data traffic sent to the target. It can be done via amplifiers (misconfigured servers all around the world) to strengthen the attack and increase the bandwidth of the attacks. These attacks are hard to handle even if we have some protection on premise. We can drop the connections, but the data line has only limited capacity. If we drop the packets, there is still a lot of traffic on the data line. Thus, locally installed protection is not enough.

The key factor is to create an effective and automatic connection/signalling between ISP and the DDoS protection appliance that is installed on premise.

TCP ATTACKS

TCP attacks are focused on utilisation vacant and available connection slots to consume all the memory and other available resources on the target machine. These attacks can be suppressed by proxies that limit the number of requests and forward only correct ones via a full 3-way handshake.

Another technique is to use reputation databases of source IP addresses. Connections from origins with bad reputation, botnets and "problematic" countries are banned or dropped. This type of attack is not volumetric - our data line remains free even when we are under the attack. Discarding unwanted packets solves the problem.

APPLICATION ATTACKS

The last type focuses on the application layer. These attacks are the most destructive but, fortunately, require deeper knowledge from the attackers. These attacks can be performed using only a few packets if the target application has flaws in the code. We can use smart WAF or other application solution to mitigate these types of attacks. But these attacks are target specific, so is it necessary to investigate the attacks and repair the application or configure WAF for a particular application.

How to mitigate against DDOS attacks with SeaCat Mobile Secure Gateway (SC MSG)

AGILITY, CONTROL AND SCALABILITY

Imagine that you can control which gateway provides the functionalities for a particular application. You can extend the number of gateways or even deactivate some gateways. You can simply forward traffic to another gateway that is not under attack with approximately five minutes of connectivity interruption.

Because of the cloud, you can dedicate many gateways to serve one service for an application. During a DDoS attack, you disable the gateway that is under attack and automatically start new gateway(s) if necessary.

Additionally, every request to the application server has to be signed by a certificate. Therefore, it is not possible to send unsigned data packets. Every packet is examined, and SeaCat shields the real application server. Direct access via IP address is not possible.

COMPATIBILITY WITH GAMING APPLICATIONS

We design SeaCat Mobile Secure Gateway to scale and be compatible with many popular frameworks and platforms. You can port SeaCat to any contemporary console platforms like Playstation 3 & 4 (Sony), Xbox (Microsoft), Wii U (Nintendo). You can use it on any existing iOS and Android platforms.

Drop us a line at info@teskalabs.com to learn more about DDoS and how to protect your business against it. Alternatively, connect with us on Twitter @TeskaLabs.

Photo Credit: PrasViedegeek via Compfight


TurboCat.io

Data encryption tool for GDPR

More information


You Might Be Interested in Reading These Articles

7 Reasons Why Mobile App Security Testing Is Crucial for Enterprises

Gartner reports that by the end of 2015, 75% of mobile apps will fail basic security tests. Over 2/3 of large enterprises have been breached via mobile applications. Each security breach up costs up to $3 million/year. The estimated annual cost of mobile cyber breaches is around $50 billion, globally and increasing.

Continue reading ...

mobile security

Published on January 12, 2016

Android Nougat: Google OS' Tightest Security Yet

Officially released a month ago, the latest Google mobile OS version has made a few major adjustments, particularly in its security features. The search giant has improved the security in the Android Nougat (or also known as Android N) from strengthening the Android itself to some tools that helps developers to keep things as it is while users install apps.

Continue reading ...

security android

Published on November 15, 2016

The Real Impacts of General Data Protection Regulation (GDPR) to EU Companies That Operate Mobile Applications

The General Data Protection Regulation (GDPR) is a new EU regulation aimed at protecting the personal data of EU citizens. Because of the broad definition of “personal data”, GDRP impacts almost every EU company, as well as non-EU companies that exchange data with them. The regulation takes effect in May 2018, which is still a long way in the future, but the complex requirements mean that companies need to start planning and taking action now.

Continue reading ...

security

Published on December 06, 2016