The COVID-19 pandemic has undoubtedly caused global disruption and strife. One of the fallouts of the pandemic has been a significant shift in behavior. Most obviously, lockdowns and social distancing measures resulted in entire workforces becoming remote. In addition, the dramatic change to socializing caused many people to significantly change how they spent their time as many activities were no longer possible. Online gaming and gambling activity skyrocketed globally as a result of this, becoming an increasingly popular way to pass the time, escape from reality and connect with others through a virtual platform.
Though this surge in activity greatly benefitted the online gaming and gambling industries, it also led to a surge in worldwide cyber-attacks, with rapidly evolving attacks and made to evade conventional cybersecurity measures. Recently NETSCOUT published its annual Threat Intelligence Report, which demonstrates how the number of weaponized distributed denial of service (DDoS) attacks so far this year, meant to deliberately overwhelm online services, has put a substantial strain on global supply chains and networks that we so heavily depend on.
Targeting Online Gamers
DDoS attacks targeting online gaming platforms are not a new occurrence. Indeed attacks on individual players have become increasingly common over the past decade. However, the explosive growth of gaming during the pandemic has added even more fuel to this fire. So how do these attacks work?
One-on-one sessions and voice messaging services are commonly used gaming practices, which puts unsuspecting potential victims in direct view of their attackers through competition. Most online gaming platforms typically hide a player’s IP address, making it difficult to target an individual. However, many gamers who use private servers may unintentionally reveal their IP address and information to administrators or other fellow players. In addition, third-party messaging apps used by groups of players or teams may also unintentionally disclose their IP information.
An IP address provides unique information to identify a single electronic device connected to the internet, allowing data to be exchanged between a device and its local network. Once located, the attacker can launch a DDoS attack against their target’s specific device. When the attack begins, the individual will experience a sudden lag in the speed and quality of their game, leaving them completely unable to play. The result is that the attacker can then win the game.
Supply Chain Damages
Although this may seem like a lot of effort for a small reward, the repercussions are large. These attacks can cause significant damage to service providers and their customer base. In addition, these DDoS attacks often end up affecting large swathes of the internet service provider’s customer base adjacent to the targeted victim, which then has a knock-on effect in the broader connectivity supply chain.
The telecommunications industry is no stranger to cyber-attacks. As their services provide a bridge to access other critical sectors, services and large populations of online users, they are a prime target. However, the increased volatility of the attacks has caught these companies off guard. In addition, the damages from these attacks cause internet outages that can impact thousands of users on a large scale.
Ultimately, causing the maximum amount of disruption is the primary goal for attackers who choose to deploy any DDoS attack. Disrupting internet service providers essentially achieve two different objectives at the same time, allowing attackers to shut down a company’s operational infrastructure along with their customer base. Internet services and telecommunications providers become secondary targets, which cyber-criminals use to progressively attack upstream and downstream connectivity to defeat their primary target in a videogame.
Preventing DDoS Attacks
To best defend against a DDoS attack, global companies within the sector need to know what these attacks entail. One way of doing this is to collaborate with other companies to learn and strategize together. Through their combined experience and knowledge sharing, providers can create a plan of best security practices that effectively combat possible threats. Providers should also develop the infrastructure needed to meet users’ needs while delivering a high-quality and secure environment.
It is equally crucial for online gaming platforms to implement effective and powerful cybersecurity measures to protect their customers and players from attacks, keeping players safe while using their platform. Collectively, companies need to regularly test their DDoS defense systems to ensure that appropriate upgrades are made to the online systems and integrated into the broader defense strategy. Additionally, these measures need to be frequently upgraded to match the ever-evolving threat landscape.
DDoS attacks are a constant threat that can potentially form a damaging ripple effect that can spread to other critical industries and users globally. These attacks have only grown in their complexity and volatility, especially since the height of the pandemic. However, this should motivate vulnerable and critical industries to further invest in cybersecurity to defend against these attacks