Wednesday 20th October 2021

BLOG: DDoS Attacks on Online Gamers and How to Prevent Them

DDoS Attacks and Gaming

Gaming has been described as a hotbed for DDoS attacks[1]. Gaming platforms are no strangers to network disruption; however, when the world retired to their homes during the Covid-19 pandemic, DDoS attacks on the gaming community increased substantially. Research suggests that in the third quarter of 2020 there was an increase of 287 per cent in total DDoS attacks compared to the same period in 2019.

The gaming industry is particularly vulnerable to DDoS attacks. This may be due to the sensitivity of online gaming platforms to availability and latency issues, which makes them an ideal target. During the pandemic in particular, the gaming industry became a target-rich environment. A recent report even stated that of all cyber-attacks targeting online gaming and gambling industries, in the third quarter of 2020 over a third of these incidents targeted online gaming platforms[2].

Researchers have also warned that more sensitive detection and high-capacity mitigation alone are likely to be insufficient to overcome large DDoS attacks like the ones that we have seen of late, including the record-breaking DDoS attack on Microsoft Azure that reached 2.4 Tbps.

The significance of DDoS attacks on gaming platforms and gamers may not at first be clear, but when gaming servers are targeted with a distributed denial-of-service incident, the game becomes unavailable[3]. This has a significant impact on a company's reputation and financial profits, as well as on game availability, particularly when you consider that in April 2020 alone Fortnite’s 350 million registered players accumulated over 3.2 billion gaming hours. Furthermore, in its first week after launch the game Apex Legends amassed over 25 million users, so the impact of a game's availability on these users makes them a prime target for malicious actors.

Why?

Gamers are not only targeted by threat actors for money or by other gamers to cheat; in the past they have also been targeted by nation-state threat actors looking to initiate a supply-chain compromise. These nation-state threat actors target individual gamers to disguise a wider supply-chain compromise and to move laterally onto much larger targets. Threat actors such as APT41, ShadowHammer and Winnti have all been linked to incidents of this nature. Whether it’s a supply-chain compromise, infecting individual machines with malware or gathering information from online chats, gamers and the platforms that they use remain a key target for threat actors of every kind.

This is to be expected as nation-states like China have a particular interest in DDoS attacks. Research shows that most DDoS attacks originate from within China and that 7 out of every 1,000 HTTPS requests in China were part of a DDoS incident[4].

Mitigation Strategies

Due to the wide range of victims targeted by DDoS attacks, including corporate organisations, governments, and military organisations, multiple DDoS mitigation strategies have emerged. Many of these strategies require an additional firewall between the victim’s network and the internet. These firewalls attempt to sort genuine and potentially malicious internet traffic before it reaches its potential target.

Another strategy puts a limit on the number of connections that each remote computer can make. This slows down the service for every user but still allows genuine visitors to access the network when a DDoS attack occurs. Others spread incoming traffic across a network of distributed servers so that the spike in traffic seen in a DDoS attack can’t overwhelm a single server. Services like Cloudflare use this method and are attractive to businesses due to the buffer they provide between a user’s network and the internet.
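The per-source connection limit described above can be sketched as follows. This is an added example, not code from the original post or from any vendor it names; the class name, the limit of 5 connections per 10 seconds and the sample traffic (documentation address ranges) are assumptions made for illustration. It also groups each IPv6 /64 into one source, since a single host can use many addresses within its prefix.

```python
import ipaddress
from collections import defaultdict, deque

class PerSourceLimiter:
    """Allow at most `limit` new connections per source within `window` seconds."""

    def __init__(self, limit=5, window=10.0):
        self.limit = limit
        self.window = window
        self._seen = defaultdict(deque)  # source key -> times of accepted connections

    @staticmethod
    def source_key(addr):
        # Count an IPv6 /64 as one source: a single host can use any address in it.
        ip = ipaddress.ip_address(addr)
        if ip.version == 6:
            return str(ipaddress.ip_network(f"{ip}/64", strict=False))
        return str(ip)

    def allow(self, addr, now):
        q = self._seen[self.source_key(addr)]
        while q and now - q[0] >= self.window:
            q.popleft()  # forget connections older than the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def replay(events, limit=5, window=10.0):
    """Replay (timestamp, address) events; return {source key: [accepted, rejected]}."""
    limiter = PerSourceLimiter(limit, window)
    totals = defaultdict(lambda: [0, 0])
    for ts, addr in events:
        ok = limiter.allow(addr, ts)
        totals[limiter.source_key(addr)][0 if ok else 1] += 1
    return dict(totals)


# Constructed sample traffic covering about 10 seconds (not real data).
SAMPLE = sorted(
    [(t * 0.1, "203.0.113.7") for t in range(100)]               # noisy source, 10 conn/s
    + [(t * 3.0, "198.51.100.20") for t in range(4)]             # ordinary player
    + [(t * 1.0, f"2001:db8:0:1::{t + 1:x}") for t in range(8)]  # one /64, rotating addresses
)

if __name__ == "__main__":
    for source, (accepted, rejected) in replay(SAMPLE).items():
        print(f"{source:22} accepted={accepted:3} rejected={rejected:3}")
```

The ordinary player is never refused, while the noisy source and the rotating IPv6 prefix are each held to the same five connections per window.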

How Should Gamers Mitigate DDoS Attacks?

Most of these strategies used to circumvent a DDoS attack are more appropriate for businesses and the government as opposed to individual online gamers. For individuals, the simplest DDoS protection technique would be VPNs. Using a VPN would protect the individual’s IP address from DDoS attacks. When using a VPN, a user’s IP address is hidden, and any malicious individuals would see only the IP address of the VPN server[5].

Most DDoS attacks against gamers are coordinated forms of network disruption and only plan to push individual players off gaming servers or to interrupt their gameplay by causing game lags[6]. Many VPNs for gamers have particularly good DDoS protections, so individuals should be able to continue their gameplay without future disruption[7]. However, as we have seen, the number of players any online platform or gaming server can have at one time may be in the millions. These statistics and the growing popularity of online gaming increase the likelihood of gamers remaining prime targets for these attacks going forward.

[1] Online Gaming is a Hot Bed for DDoS Attacks, Nexusguard

[2] Online Gaming is a Hot Bed for DDoS Attacks, Nexusguard

[3] Game Over: Stopping DDoS Attacks Before They Start, Dark Reading

[4] DDoS attack trends for 2021 Q2, Cloudflare

[5] DoS and DDoS attacks on XBOX, XBOX

[6] How to avoid DDoS attacks when gaming, 2021

[7] How to avoid DDoS attacks when gaming, 2021
