e-Sports: A Prime Target for DDoS Attacks

gameover_insight

As my colleague discussed a couple of weeks ago, with DDoS attacks continuing to grow in scale and frequency, and increasingly being used to disguise other forms of cyber-crime, gaming companies now have a big target on their backs.

e-Sports, organized, multiplayer video game competitions, has become an extremely popular and lucrative business with at least 70 percent of Americans playing their favorite games and 18 percent attending or viewing e-Sports competitions. The popularity of e-Sports can be traced back to the 1980s and 1990s where some of the first video game tournaments were held with cult classics such as Space Invaders and Tetris. These games would be the catalyst for the popularity of today’s games, including World of War Craft and the Halo series.

Today, with its growing popularity and resulting profitability, e-Sports has become a prime target for volumetric DDoS attacks and as the industry grows so will the attacks.

The Investment

According to market research firm Newzoo, 205 million people watched or played e-Sports in 2014, and as ESPN.com stated in January, “if the eSports nation were actually a nation, it would be the fifth largest in the world.” In Newzoo’s latest quarterly update of its Global Games Market Report, the research firm found that gamers worldwide will generate a total of $99.6 billion in revenues in 2016, up 8.5% compared to 2015. Today, in response to its growing popularity, ESPN has a website completely devoted to e-Sports.

The Problem

DDoS attacks are a serious threat for all business and due to the mainly virtual network infrastructure that e-Sports and sport betting sites rely on – they are no exception. A volumetric attack can leave some of the more sophisticated security systems down and vulnerable to further attacks. The LizardStresser (a type of Botnet) is a DDoS attack the targets IoT devices including gaming devices/ consoles. By gaining access to random IPs and using user credentials the client program can compromise the targeted user and flood their network. Some recent attacks against gaming sites have been as large as 400 Gbps.

What looks to be an exotic attack of a comprehensive network can easily and often be triggered with something as simple as a user’s IP address. This can be extremely frustrating for those gamers who spend countless minutes and hours performing factory resets or moving to different locations in an attempt to fix the issue. It’s not that easy of a fix. Individuals and teams of gamers can be targeted with the intent to disqualify a them for not having enough members for a fair match It’s never an isolated incident and if the threat is not properly addressed, further attacks should be expected.

e-Sports competitions are typically played from a user’s home which means they are at the will of a firewall and whatever IPS devices the affiliated service provider or e-Sports provider has installed. Unfortunately, that’s not a real solution. IPS devices and firewalls are excellent solutions for network integrity and confidentiality, but to truly protect against Botnet attacks e-Sports providers need adopt a solution that can fully protect against volumetric attacks and provide visibility into how the attack is happening, when it is happening, and where the attack is originating from. The key is to have true hybrid protection – on-premise and cloud-based – and industry best practice for the most comprehensive protection from the Modern Day DDoS attack.

Deployed at the network perimeter, an on-premise purpose built DDoS protection solution like Arbor APS can disrupt botnet communications and detects and blocks application-layer DDoS attacks, including those specifically designed to compromise stateful inline tools like firewalls, IPS devices and load balancers. And in the event, the on-premise Arbor APS device detects a large DDoS attack that will overwhelm the local Internet connection, via a powerful feature called Cloud Signaling, the APS can automatically contact the upstream/in-cloud MSSP and reroute the attack traffic to their scrubbing center. This stops the attack before it happens, and provides the intelligence needed to plan for the next attack.

Let’s all take some time to address the seriousness of this threat before its GAME OVER!

Leave a Reply

Your email address will not be published. Required fields are marked *