Distributed-Denial-of-Service (DDoS) Disrupted Gaming Industry During the Holiday - What You Need to Know

During the Christmas holiday, Microsoft's Xbox and Sony's PlayStation networks were taken down by a group of hackers called Lizard Squad. The attack kept thousands of users from playing their games. What a bummer, huh?

Originally, the FBI blamed the North Koreans for taking down the network (that is another story), but it has since revised its assessment, after Lizard Squad claimed responsibility for the attack.

This kind of attack is called distributed-denial-of-service (DDoS). Its impact on a business can be far more serious than a mere nuisance to end users. For example, one DDoS attack incurred a $30000-a-day Amazon cloud hosting service charge.

What is (Distributed) Denial-of-Service?

Imagine you are a gamer in this incident. Some of the functions in the game console rely on the Internet connection to the gaming site. You can't play any of your games if there is too much traffic, and the servers shut down because of it. In the Chinese activist case, the DDoS attack delivered 2.6 billion requests per hour.

(Distributed) Denial-of-Service, or (D)DoS, is a very common security attack. Please check out this interactive map to see attacks happening in real time around the world.

Why attack?

One might be curious about what causes an individual or a group of people to carry out such attacks.

HELP MANKIND

Believe it or not, Lizard Squad said that they were doing people a favor by “forcing” them to spend more time with family and friends during the holiday instead of playing online games. While there might be some truth to this, many gamers rejected this claim, stating that they, in fact, enjoyed time with their family by playing games together.

FORCE BIG COMPANIES TO UPGRADE THEIR SECURITY

In an article from Business Insider, interviewed hackers said they took down PlayStation Network and Xbox Live “for the laughs,” but eventually the hackers found a cause to rally behind — forcing these companies to up their game and upgrade the security on their networks.

DISRUPT BUSINESS

In another article from the Daily Mail, Sony's vice president Catherine Jensen said: 'PlayStation Network and some other gaming services were attacked over the holidays with artificially high levels of traffic to disrupt connectivity and online gameplay.'

FOR THE FUN OF IT

Sometimes hackers infiltrate the network just for the fun of it, to get their 15 minutes of fame and to show off their technical prowess. They take the network down with DDoS just so the world knows about it, which in many cases we do.

The 3 categories of DDoS and mitigation against such attacks

The biggest issue with DDoS is its distributed nature. It is fairly common for the sources of an attack to come from all over the world, as seen in this map. It is not possible to block a particular packet source by country or by other simplistic methods.

To understand how we can protect against DDoS attacks, we must first understand the different types of DDoS, because every type of attack requires a different type of protection.

DDoS attacks are divided into volumetric, TCP, and application attacks.

VOLUMETRIC ATTACKS

Volumetric attacks are based on a high volume of data traffic sent to the target. They can use amplifiers (misconfigured servers all around the world) to strengthen the attack and increase its bandwidth. These attacks are hard to handle even if we have some protection on premise. We can drop the connections, but the data line has only limited capacity: even if we drop the packets, there is still a lot of traffic on the data line. Thus, locally installed protection is not enough.

The key factor is to create an effective and automatic connection/signalling between the ISP and the DDoS protection appliance that is installed on premise.

TCP ATTACKS

TCP attacks focus on occupying vacant and available connection slots to consume all the memory and other available resources on the target machine. These attacks can be suppressed by proxies that limit the number of requests and forward only correct ones, those that complete a full 3-way handshake.

Another technique is to use reputation databases of source IP addresses. Connections from origins with a bad reputation, botnets and "problematic" countries are banned or dropped. This type of attack is not volumetric: our data line remains free even when we are under attack. Discarding unwanted packets solves the problem.
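As an added illustration (not code from the original article or from SeaCat), the sketch below models such a proxy with a SYN-cookie style check, a standard stateless way to forward only connections that complete the 3-way handshake; the article itself does not name this technique. The class, secret, time window, per-source limit and all addresses are constructed for the example.

```python
import hashlib
from collections import Counter

SECRET = b"constructed-demo-key"   # assumption: proxy-local secret
WINDOW = 60                        # assumption: seconds a cookie stays valid

def syn_cookie(src, sport, client_isn, slot):
    """32-bit keyed hash sent in the proxy's SYN-ACK instead of storing state."""
    msg = f"{src}:{sport}:{client_isn}:{slot}".encode()
    return int.from_bytes(hashlib.blake2s(msg, key=SECRET, digest_size=4).digest(), "big")

class HandshakeProxy:
    def __init__(self, bad_reputation=(), max_conns_per_src=2):
        self.bad = set(bad_reputation)     # stand-in for a reputation database
        self.limit = max_conns_per_src     # cap on forwarded connections per source
        self.per_src = Counter()           # state exists only after a full handshake
        self.forwarded, self.drops = [], Counter()

    def on_syn(self, src, sport, client_isn, now):
        # Listed sources never get a cookie, so they can never pass on_ack().
        if src in self.bad:
            self.drops["reputation"] += 1
            return None
        return syn_cookie(src, sport, client_isn, now // WINDOW)

    def on_ack(self, src, sport, seq, ack, now):
        # The ACK must echo cookie+1; accept the current and previous time slot.
        isn, slot = (seq - 1) % 2**32, now // WINDOW
        valid = {(syn_cookie(src, sport, isn, s) + 1) % 2**32 for s in (slot, slot - 1)}
        if ack not in valid:
            self.drops["bad_handshake"] += 1
            return False
        if self.per_src[src] >= self.limit:
            self.drops["rate_limit"] += 1
            return False
        self.per_src[src] += 1
        self.forwarded.append((src, sport))
        return True

def demo():
    """Constructed traffic: spoofed SYN flood, forged ACK, listed source, real client."""
    p = HandshakeProxy(bad_reputation={"203.0.113.9"})
    for i in range(1000):                                     # SYNs that never complete
        p.on_syn(f"198.51.100.{i % 250}", 1024 + i, i, now=10)
    p.on_ack("198.51.100.7", 1031, seq=8, ack=12345, now=11)  # guessed ack number
    p.on_syn("203.0.113.9", 4000, 1, now=12)                  # source on the list
    for port in (5000, 5001, 5002):                           # real client, 3 connections
        cookie = p.on_syn("192.0.2.10", port, 77, now=20)
        p.on_ack("192.0.2.10", port, seq=78, ack=(cookie + 1) % 2**32, now=21)
    return p
```

After `demo()`, the 1000 unanswered SYNs have left no entry in the proxy's tables, and only the real client's first two connections reach the backend.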

APPLICATION ATTACKS

The last type focuses on the application layer. These attacks are the most destructive but, fortunately, require deeper knowledge from the attackers. These attacks can be performed using only a few packets if the target application has flaws in the code. We can use a smart WAF or another application solution to mitigate these types of attacks. But these attacks are target specific, so it is necessary to investigate the attacks and repair the application or configure the WAF for a particular application.

How to mitigate DDoS attacks with SeaCat Mobile Secure Gateway (SC MSG)

AGILITY, CONTROL AND SCALABILITY

Imagine that you can control which gateway provides the functionalities for a particular application. You can extend the number of gateways or even deactivate some gateways. You can simply forward traffic to another gateway that is not under attack with approximately five minutes of connectivity interruption.

Because of the cloud, you can dedicate many gateways to serve one service for an application. During a DDoS attack, you disable the gateway that is under attack and automatically start new gateway(s) if necessary.

Additionally, every request to the application server has to be signed by a certificate. Therefore, it is not possible to send unsigned data packets. Every packet is examined, and SeaCat shields the real application server. Direct access via IP address is not possible.

COMPATIBILITY WITH GAMING APPLICATIONS

We designed SeaCat Mobile Secure Gateway to scale and be compatible with many popular frameworks and platforms. You can port SeaCat to any contemporary console platform like PlayStation 3 & 4 (Sony), Xbox (Microsoft) and Wii U (Nintendo). You can use it on any existing iOS and Android platform.

Drop us a line at info@teskalabs.com to learn more about DDoS and how to protect your business against it. Alternatively, connect with us on Twitter @TeskaLabs.

Photo Credit: PrasViedegeek via Compfight

