Reaction and Reputation damage:Why online gaming has a DDoS problem

online gaming

Ask a gaming company what they love about their gamers and you’ll hear stories about some of the most passionate people on the internet, fiercely dedicated to the worlds, characters and quests they’ve become invested in over the weeks, months and years they’ve been playing.

Ask DDoS attackers what they love about gamers and they will give you a very similar answer. Gaming platforms might make it easy for DDoS attacks to succeed, but it’s the reaction of gamers that often makes attacking those platforms so appealing. It’s why Nintendo PlayStation Network, Xbox Live, Final Fantasy, Epic Games, Blizzard and Steam are all frequent and repeated targets of DDoS attacks, and why their reputations take a hit with every attack that succeeds.

Attack facts

What is DDoS is a question new gamers may find themselves Googling exactly once. After that, they’ll come to know that distributed denial of service attacks are very likely what’s behind the downtime preventing them from playing fighting off the next wave of zombies in Fortnite or finish a quest in World of Warcraft.

DDoS attacks use a botnet of online devices to barrage victim servers or networks with attack traffic, consuming resources or bandwidth until there’s nothing left for legitimate users, and performance is degraded beyond the point of usability, or the service is knocked offline altogether.

The gaming industry is routinely one of the two most targeted industries when it comes to DDoS attacks, with online gambling joining it at the top. There are a few major reasons online gaming platforms are so heavily targeted, and they’re split between technical reasons and gamer-related reasons with many of them tracing back to the intensely competitive nature of the industry.

The technical reasons

One of the reasons gaming platforms are so often targeted, and so often targeted successfully, has to do with the nature of gaming platforms. Gaming platforms are built with proprietary network infrastructures and protocols, which means many of the standard network security measures that might help fend off malicious traffic aren’t relevant. Further, these platforms have to offer constant connectivity for users, which means that the theoretically always-available centralized platform is one big single point of failure for attacks, making it easier for DDoS efforts to succeed.

Gaming platforms are also frequently subjected to huge influxes of actual traffic. Every time a new game or expansion pack drops, gamers descend on the platform in hordes to try it out, and with servers and networks already stressed by these enthusiasts, it’s easy enough for attackers to add that extra bit of malicious traffic that buckles the infrastructure.

The emotional weight

Gaming platforms do more than allow people to play the games they love. They offer escapism into exciting worlds, allow people to try out fun alter-egos, and even enable professional careers in gaming. This is a lot of responsibility, and when gaming platforms go down in the face of a DDoS attack, the reality of that responsibility comes to light.

Gamers are often emotionally connected to the games they play, so when they can’t access them, they experience frustration and anger, all of which leads to them taking to social media and forums to express their displeasure. These displays are appealing to attackers that simply like to cause a ruckus as well as attackers that are looking to do damage to a gaming company’s reputation. Repeated downtime can not only affect gamer loyalty, with frustration leading to gamers to jump ship to a new company that seems to have their act more together when it comes to stopping these attacks, but it can influence which games people gravitate to when they’re just getting started in the world of gaming.

In short, gaming platforms are big targets for DDoS attacks that suffer big consequences when these attacks succeed, and the companies behind them need to find a way to fend off these assaults.

A quest for mitigation

With many standard security measures out of the question thanks to the nature of gaming platforms, gaming companies need to skip the patchwork filtering and blocking attempts and go right to leading professional distributed denial of service mitigation that takes into account the specific challenges involved in protecting platforms and their gamers. This includes major processing power that can instantly analyze even huge amounts of traffic to find suspicious or malicious activity, real-time information exchange that allows for immediate filtering and scrubbing directives to be issued when an attack is detected, and a network of scrubbing servers that can bounce attack traffic while keeping gamers gaming, all with a rapid time to mitigation so no one ever knows an attack was even attempted. This is what will allow gaming companies to appreciate the qualities of gamers without allowing DDoS attackers to do the same.