The attack made it almost impossible to play any games from Blizzard and adds them to the growing list of game designers being affected by DDOS attacks. For today's post we're going to examine what are DDOS attacks and why attacks on the Game Industry are escalating.
DOS and DDOS are short for denial of service and distributed denial of service and generally mean the same form of an attack on a network. A DOS attack is where a person/s attempts to disrupt or completely breakdown access to a network through multiple means. The most common of them is to use automated programs or bots to access a network at a scale that it can't handle to either cause it to crash or slow down access to the point where no one can make use of it.
The key difference between DOS and DDOS is that DOS is when the attack is only coming from one computer or source while DDOS is when multiple sources are attacking a network and are obviously more damaging and harder to stop.
Advanced versions of DOS and DDOS attacks can attempt to control networks, install viruses or be used to get sensitive information from the network such as banking info. There are too many types of attacks to discuss but here is a list of common DOS attacks.
In the past, DDOS attacks were mainly used against major corporations like credit card companies or banks, but we are now seeing an increase in these situations within the Game Industry.
Despite being around for over two decades, the Game Industry has been part of more and more DDOS attacks over the last few years. The first reason is as a form of protest by disgruntled fans. In 2010, Minecraft was a target of a DDOS attack by fans who weren't happy with how the game was being developed.
Because the Game Industry is made up of tech savvy fans, members have a greater chance of having the knowhow and resources to pull off these attacks on companies that they don't like. While Battle.Net was attacked this past week, so were EA's Origin service and Sony's Playstation Network.
The other reason for the escalation is that the Game Industry is not up to date with security measures and that makes it very vulnerable to attacks. With more and more developers having an online presence and making use of third party networks, these networks become prime targets to cause so much trouble for developers and fans.
"More and more people and organizations are adopting an online presence, exponentially increasing the number of misconfigured or unsecure servers available online.
Often, they mean no harm in their actions and merely want to learn or embrace the full functionality, benefit and usefulness the Internet provides," he said. "Many attackers prey on the ignorance of not knowing and use it to their full advantage." Jeremy Scott -- Research Analyst for Solutionary Security Engineering Research Team
This also impacts consumers who may not have adequate security on their own computers, making them targets to be hacked and run bot software from the hacker to help them in disrupting a network. Because of both vulnerabilities from the developers and consumer side, this makes it very hard to stop DDOS attacks.
The problem is that despite what you as the consumer have done to protect yourself : Use multiple passwords, have antivirus and firewall protection etc, if the networks that you're accessing aren't secured, hackers can still mess with things.
As mentioned already, smaller developer sites don't have the funding themselves to maintain and secure a large network, which is why so many use third party networks and digital stores to handle the selling of their titles. Unfortunately if the site isn't secure, your fans may associate you along with the site as to why they can't play your game.
As technology continues to advance, so are the tools and options that hackers have available to disrupt and access secured networks. This sadly means that finding a network that is 100% hacker proof is as impossible as creating a completely piracy proof software.
For the developers reading this, there isn't much that you can do to avoid being part of a DDOS attack. If you are making use of a third party site or network to host and sell your game, find out if they do provide adequate DDOS attack security. And for the consumers, make sure you have some form of antivirus and firewall security on your computer, and contact your ISP to ask if they have DDOS protection.
"Some may think they are not affected because they do not run any services, or have machines online. The attackers are aware of this, too, and more and more unprotected home computers running … OS X, Windows or Linux are being targeted for recruitment into DDoS, botnets and other tactical initiatives." Ramece Cave -- Research Analyst for Solutionary Security Engineering Research Team
This is unfortunately going to become more frequent as time goes on with more game developers moving to digital store fronts and online capabilities. Making sure that the network is both secured and continues to update their protection is important as well as having policies in place if there is an attack.
The only minor bright side to this is that most DDOS attacks on the Game Industry is done not to steal information but to cause havoc. However not having adequate security can leave you expose to targeted attacks by hackers or hacker groups where information can be stolen.
While you can't be 100% secure, it's vital to take the necessary steps in protecting yourself as things are only going to get worse.
(Reprinted from the Xsolla.com Blog)