DoS and DrDoS attacks have a long history in online video gaming communities. In this presentation, get a quick introduction to the problem of attacks against players, other gaming platforms – and even financial services firms unrelated to online gaming.
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
DrDoS and DDoS Attacks Involving Online Video Games Community
1. Problems with DrDoS and DDoS Attacks
Involving Online Video Games
www.prolexic.com
2. www.prolexic.com
DDoS Attackers Use Online Video Game Servers
• The technology infrastructure that supports
online gamers is also used for denial of service
attacks.
• Distributed denial of service (DDoS) attacks are
launched against:
– Fellow players
– Other businesses, including the financial industry
• Attacks date back to at least the 1990s.
• Gaming servers with poor security controls and
misconfigurations contribute to the problem.
2
May 2013 www.prolexic.com
3. www.prolexic.com
Why Do They Do It?
• Criminals use gaming servers to boost the power
of their attacks against non-gaming businesses.
• Criminals steal login:password combos and sell
them on the black market.
– In-game currency, powerful profiles and downloaded
software have real-world value.
• Gamers seek to temporarily knock competitors
off the server to gain an in-game advantage.
• Gamers target other gaming systems to damage
the playing experience on rival platforms.
3
4. www.prolexic.com
A Tradition of DrDoS Attacks in Online Gaming
• DrDoS attacks in online gaming have been around for
decades.
• It may have started with reflection attacks using
Counter-Strike, Quake and Half Life servers.
– These servers are still used by attackers today.
• The most common form of denial of service attacks in
gaming communities is called packeting.
• A packeting attack can target any IP address.
• Gamers reveal IP addresses of fellow players by using
tools called resolvers.
4
5. www.prolexic.com
DrDoS Attack Tools Use Online Gaming Servers
5
• Gaming-server aggregators provide a legitimate service
for gamers looking for a server on which to play.
• Cyber criminals use these same aggregators as a source
of possibly misconfigured and vulnerable servers.
• Attackers can increase the volume of malicious code
directed to their intended target by reflecting and
amplifying code off of many gaming servers at once.
• One tool discussed in the Prolexic white paper lets
attackers target several types of game servers and vary
payloads, which often target other industries.
• Download the white paper for specifics about a gaming attack against a Prolexic
client in the financial industry.
6. www.prolexic.com
Weaker Attacks Against Gaming Communities
• Weaker attacks target individual players or a
gaming server, such as Counter-Strike or
Minecraft.
• The attacker’s goal is to damage the playing
experience or knock a competitor off a server.
• These attacks often use simple flood attacks –
without reflection or amplification.
6
7. www.prolexic.com
Strong Attacks Against Online Gaming Comunities
• Sophisticated attacks against gaming
communities are launched with crimeware kits.
• These kits are often rented as DDoS-as-a-service.
• Tools include stressor suites and booter scripts.
• The attacker’s goal is often a large disruption of a
server or gaming platform.
• These attacks often use reflection and
amplification to increase their damage.
7
8. www.prolexic.com
Will Your Business Be Next?
• Any type of business may be a target – without
warning.
• DDoS and DrDoS attackers can use misconfigured
and vulnerable online gaming servers to attack
any industry.
• Gaming businesses are also at risk:
– As a target of an attack
– Of owning servers that are used in attacks against
others
• Prolexic has successfully mitigated attacks that
involved gaming servers.
8
9. www.prolexic.com
Download the Free White Paper
• Download the white paper, “An Analysis of DrDoS
and DDoS Attacks Involving the Multiplayer Video
Gaming Community: Part IV of the DrDoS White
Paper Series” at www.prolexic.com/drdos.
• The white paper includes:
– Details about attacks involving gaming servers that
harm gaming and non-gaming businesses alike
– A case study of a Prolexic customer in the financial
industry who was the target of such a DrDoS attack
– Prevention tips for gaming network administrators
• Download the white paper.
9
10. www.prolexic.com
About Prolexic
• Prolexic Technologies is the world’s largest and
most trusted provider of DDoS protection and
mitigation services.
• Prolexic has successfully stopped DDoS attacks
for more than a decade.
• We can stop even the largest attacks that
exceed the capabilities of other DDoS
mitigation service providers.
10