Rishi Agarwal explains how to beat DDoSers at their own game
No industry is immune to cyber-attack. Last year we saw data breaches and DDoS attacks in higher education, the entertainment industry, banking and big retail, to name a few. However, gaming sites and their hosting providers are consistent targets. In fact, according to recent research, in the second half of 2014 DDoS attacks targeting online gaming were the fastest growing attack. There are specific reasons for this, as well as specific actions hosting providers can take to defend themselves.
Why Gaming Sites?
DDoS attackers focus their attention on game servers so often for a number of reasons.
The majority of DDoS attacks are targeted against servers to cause latency in the network, which interrupts gameplay. Some attacks are just launched by a hacker to show off. Others may be based on a desire for retaliation against other players, game mechanics, or the desire for some gain, such as wanting to remain the top player.
Other attacks are launched for monetary gain, though. A DDoS attack can shut down gameplay, which means that the gaming company is losing money every second it is offline. There have even been reports of hackers who have blackmailed organizations, demanding a fee to end the attack.
DDoSers also try out new botnets or attack methods on gaming sites because the latency created by DDoS attacks provides them with instant feedback on the success of their method. Whatever the reason may be, these attacks can be devastating to not only the gaming companies, but also to the providers that host the data.
Defending Against DDoS
Cybersecurity solutions today seem as varied as the attacks they aim to defend against, and it can sometimes be difficult to navigate the market. Below are five best practices to consider when building a secure and well-rounded network environment.
1: Make a Plan. The instant a DDoS attack is detected, your team should be able to respond to and understand the type of attack that is occurring. Provide your team with a comprehensive plan on how to react when a DDoS attack happens. Include accountability and reporting functionality.
2: Secure the Perimeter. While DDoS attacks can’t be prevented, their impact can certainly be lessened. Organizations and service providers should enhance existing security portfolios with appliances that are located at the edge of the network, keeping DDoS attacks away from core defenses. This allows them to do what they are designed to do: monitor, clean and restore incoming and outgoing data.
3: Pay Attention to the Back End. Prepare and equip security teams to be vigilant on the back end, looking for exfiltration attempts. Tighten rules on firewall settings and start closely monitoring the ports in critical databases to check for unusual activity.
4: Security from Every Direction. To protect against advanced persistent threats, organizations – and particularly data centers – should implement a layered defense strategy that watches the back end as well as the front. Security teams must be able to identify, and react in real time to vulnerabilities regardless of their location in the network.
5: Detailed Reporting. Look for solutions that provide your team with detailed reporting on the nature, origin, size and frequency of the attack so that you can better understand it after the fact.
"Security teams must be able to identify, and react in real time to vulnerabilities regardless of their location in the network"
DDoS attacks come in several forms, and hackers continue to modify them to suit their various needs. It is important for organizations to find solutions that can defend against all of them. Pricing is a key differentiator in this market, so comparison shopping is advised.
In an era where gaming sites and their hosting providers are hit frequently by DDoS attacks, protection against them has become a necessary cost of doing business. When play stops, the financial consequences can be significant, not to mention brand damage. An added concern is that the attack may be a smokescreen to distract the security team while sensitive data is exfiltrated on the back end. Following the best practices listed above will enable hosting providers to defend against DDoS attacks and keep online games in play.
About the Author
Rishi Agarwal is chief evangelist at NSFOCUS. He has broad domain expertise in network security, compute and storage. Prior to NSFOCUS, he was a senior manager at Arbor Networks. Additionally, he has worked at leading technology vendors such as Microsoft, Intel and SanDisk.