The unprecedented number of security breaches, hacks and DDoS attacks on gaming communities, software manufacturers and even Hollywood studios grew to epic proportions in Q4 of 2014. Gaming sites and their hosting providers are particularly susceptible, and you don’t have to be a giant in the industry to be affected. In this article, we will explore why gaming sites are so hard-hit and how hosting providers can most effectively defend themselves.
Why Gaming Sites are Prime Targets
The reasons game servers frequently experience DDoS attacks are wide and varied. The majority of DDoS attacks sometimes are targeted against servers to cause latency in the network, thus interrupting game play and frustrating users. Some attacks are just for fun – a hacker showing off or trying to prove a point. Others may be motivated by the game itself: some real or imagined slight by other players that leads to retaliation, game mechanics (i.e. “I got cheated out of X”) or the desire for some gain, such as wanting to remain the top player in a particular category.
Some attacks are financially motivated, however; a DDoS attack can shut down game play, which means that the gaming company is losing money every second it is offline. There have even been reports of hackers who have blackmailed organizations, demanding a fee to end the attack.
In addition, attacks against game servers can be used to test proof of concept. When a new type of attack shows up, it has usually been tested within the gaming industry first. Hackers try out new botnets or attack methods on gaming sites because the latency created by DDoS attacks provides them with enough information to see the impact of their attack rather than waiting around wondering, “Did my attack succeed?”
Regardless of the rational, DDoS attacks can be devastating to not only the gaming companies themselves, but also to the providers that host the data.
How Hackers Bypass Firewalls and Other Security Measures
For a DDoS attack, the goal is to “flood the pipe” or exhaust the resources of an application, versus malware or some other method of attack. The attacker is not trying to get into the core systems, which the firewall was created to defend. Firewalls and other defenses really only apply to attacks whose aim is data exfiltration. In an exfiltration attack, the malware has already been injected into the core systems on the back end and DDoS attacks then serve to distract IT security teams so that the attacker can steal the data he or she wants.
As an analogy, there are different medicines that work against specific viruses – for instance, the flu virus. There are a myriad of flu viruses, and only certain medicines will affect a specific one. Similarly, in cyber security, different kinds of attacks are possible, and certain types of technologies are useful against particular attacks, whereas others are not. Even DDoS attacks have multiple variants. In these situations, while firewalls offer some protection, they don’t protect completely against DDoS attacks.
Firewalls such as IPS and DLP solutions are prone to being DDoS’d, can quickly become exhausted by these attacks and, once brought down, can act as the single point of failure in the network. It is imperative that vulnerable data be protected with a layered approach.
Three Best Practices in DDoS Mitigation
It can sometimes be difficult to navigate the cyber security offerings on the market today. In fact, solutions are as vast as the attacks they look to protect. Below are three best practices to keep in mind when building a secure and well-rounded network environment.
An Ounce of Prevention…
Overall, it is important to identify solutions that protect data from the various types of DDoS attacks: volumetric, application layer and protocol attacks. Compare the pricing of various solutions as well, since price is a key differentiator in this category.
In the past, many gaming companies and hosting providers didn’t think about adding a DDoS protection layer until after the fact. The reality is that these attacks are growing in number and frequency. It is evident that the financial loss and damage to brand reputation can be significant, while the possible exfiltration of sensitive data and the cost in man-hours that are required to get the system back up and running can make or break a business. Take proper precautions ahead of the “game” and look to security solutions that will provide you with the necessary tools to mitigate these losses before your organization becomed the next big security breach story.