Posted on October 10, 2018 at 11:52 AM
Ubisoft, one of the largest gaming companies today, seems to be the latest victim in a long chain of DDoS attacks. The French gaming giant was preparing for the launch of the latest title in their Assassin’s Creed series, only to be disrupted with a hacking attack over the weekend.
Hello everyone. We’re experiencing a series of DDoS attacks, which may impact latency or connections to our games. Stay tuned for the latest here: https://t.co/t1g2ObIvvl
— Ubisoft Support (@UbisoftSupport) October 5, 2018
The recent report issued by NETSCOUT Arbor claims that DDoS attacks mostly target online gaming. Such attacks are usually performed for several reasons, including a demonstration of the attackers’ capabilities, or plans of extortion.
The attack on Ubisoft came after the announcement that Assassin’s Creed: Odyssey is about to be launched. The company is has had large success with previous installments of this game series, and many saw Odyssey as a crown jewel of the franchise. According to 2017/2018 reports, the company managed to make around £1.5 billion in sales, which is likely one of the reasons for the decision to target them.
Gaming companies are most vulnerable during game launch
Only last week, Computer Business Review released a new report, claiming that Ubisoft will team up with Google in order to allow their game to be streamed in-browser. Players could choose to take a role of outcast Spartan mercenary Alexios, or his female counterpart Kassandra, and fight in the Peloponnesian War.
Considering the turn that Assassin’s Creed seems to be gaining with this and a previous installment, fans were highly excited about the upcoming game. This is why many were left enraged when the attack left them unable to buy the game or access Ubisoft’s servers for several hours.
can't conect to Ubiclub from ingame, what's wrong with your servers?
— Brother Andrej (@BriGGySmaLLzb) October 5, 2018
Computer Business Review managed to get in contact with the company and ask for comments on the situation. NETSCOUT Arbor’s principal security technologist, Kirill Kasavchenko, stated previously that there are numerous reasons why DDoS attacks are performed against the gaming industry. Whatever the reason may be, the fact that gaming companies are at risk remains.
Additionally, he pointed out that companies are most vulnerable during game launches, and that not being able to provide service to customers at that time can have serious consequences on the game, regardless of its own quality. This is why companies are known for putting extra effort into trying to take all necessary precautions and ensure that the game launch goes without incidents. However, it would appear that it is impossible to predict every possibility, and because of that — incidents like this still remain possible.
Kasavchenko added that gaming companies need to understand the simplicity behind the DDoS attack to truly learn how to fend them off. Not only is the process of launching attack really simple, but there are also various techniques of performing it. He then provided several pieces of advice regarding what gaming companies should do in order to prevent such incidents.
The number of DDoS attacks continues to grow
According to a recent report issued by Akamai, 2018 has seen a 16% increase in the number of DDoS attacks when compared to 2017. The largest attack has set a record of 1.35 Tbps. In their report, Akamai explained how huge the size of this attack was by comparing it to the amount of information transported via intercontinental undersea cables. A single TAT-14 cable is capable of transporting around 3.2 Tbps of information, While this is still more than the size of the largest reported DDoS attack, it should provide some idea of how huge this attack actually was.
As for advice regarding how to build resilience against regular DDoS attacks, the first step would be checking DNS TTL (Time to Live). The value will determine just how long a piece of data can remain valid. TTL basically limits how long will DNS settings be cached with ISPs. In other words, if a certain website has a TTL set at three hours, DNS servers will not check for additional DNS updates for this particular website after that duration.
Additionally, if the website uses a DNS-based on-demand DDoS mitigation solution, its TTL will likely require lowering before a DDoS attack arrives. Mitigating DDoS attacks can be performed through a large variety of “homegrown” solutions, services based on cloud technology, or different appliances deployed within data centers themselves. However, if the Ubisoft incidents can teach us anything, it is the fact that even those with the most experience in this area can be caught off-guard.