Death by a Thousand Cuts: Nuisance DDoS Attacks in the Games Industry

by Jonathan Singer on October 7, 2020

At Akamai, we talk a lot about DDoS attacks. It’s because we’re pretty good at handling them. We’ve stopped many of the world’s biggest attacks. And, while less common, they get a lot of attention. But we can also stop the world’s smallest attacks. And we stop lots of them. It’s these smaller attacks that we’re talking about today.

Why?

Let’s compare some figures:

Tom Emmons, an Akamai principal architect, highlighted this in a recent post on the rise in increasingly large, sophisticated DDoS attacks. As you can see, these target an assortment of industries.

Sponsorships Available

Here is what that looks like when sorted by industry:

The video games industry is a big target, but the attacks are overall well distributed across industries.

Now let’s look at total DDoS attacks by industry.

When it comes to the total number of attacks, the games industry is disproportionately targeted. Let’s talk about why.

Why do they happen?

In my blog on criminal economics, I focused exclusively on the criminal element and how they operate. I skipped over glory hackers, hacktivists, cheaters, and angry players — the overwhelming drivers of nuisance attacks.

Hacktivists and angry players are self-explanatory: Your company does something they don’t like (for example, “unfair” acceptable use policies, or making public decisions about hot political issues) and they retaliate either by renting out a DDoS-for-hire service or taking care of it themselves with one of the many easy-to-use DDoS toolkits out there. For glory hackers, they may claim a cause or just do it to earn a reputation. Of the groups I mention above, they are probably less prolific than cheaters.

Cheaters, on the other hand — well, they’re there to cheat. And depending on how your game is structured, DDoS is a relatively easy way to do it. Is your gameplay a competitive multiplayer scenario? A losing player can DDoS to knock the game over before losing to avoid hurting his or her leaderboard stats. Is your gameplay online, and does it involve saved states? Again, a player can DDoS the game to maintain their stats or avoid losing key items.

This happens a lot. Lots of little attacks are a nuisance. They put a drain on resources, both in terms of network resources and personnel that are forced to mitigate them and clean up after them.

What Can I Do?

So DDoS is a problem. And maybe you already knew that, but now you have a better understanding of scope. In either case, you want to know what’s next.

The first thing to decide: Are you going to fix the problem yourself? Or work with a vendor? To better make this decision, it will be useful to understand the true cost of DDoS attacks to your business. You will also want to stay up to date on the latest threat research and our newest State of the Internet / Security report focused on threats impacting the games industry.

At Akamai, we provide extensive DDoS mitigation solutions to provide end-to-end protection for internet-facing applications and services. So if you’ve decided to look for a vendor, you’ll need to plan before you purchase. Check out our helpful guide with eight easy-to-implement best practices.

Finally, if you’re here, you’ve likely already heard of Akamai’s Prolexic DDoS mitigation solution. Prolexic’s recent portfolio enhancement, IP Protect, is a great fit for the games industry and for companies that don’t have a /24 subnet. Prolexic IP Protect uses a reverse proxy architecture that supports multi-port UDP traffic flows for establishing synchronous competitive gameplay sessions. This DDoS mitigation solution provides protection across higher-order ports that are assigned to gamers during play and delivers defense down to the individual IP. With Prolexic IP Protect, Akamai mitigates attacks with high quality, low latency, and minimal impact to the player experience while reducing the game attack surface — a winning combination.