How to Win the DDoS Game

Xbox Live is again making headlines, but not in a good way. Earlier this week the company suffered various service outages that kept thousands of Xbox gamers at bay. According to Inquisitr and Newsweek, the rumor—unconfirmed by Xbox Live—is that the outages may have been caused by a series of distributed denial of service (DDoS) attacks. (New World Hackers, an anonymous group that was previously credited with a DDoS attack on the BBC, claims to have executed the attacks.)

Regardless of whether this incident was caused by a DDoS attack, it is well-known that DDoS hackers love to wreak havoc with online gaming companies, often around the critical times of year when gamers most want to play. Sony’s PlayStation Network was plagued by DDoS attacks during the December holidays in 2014 and 2015. For gaming companies, DDoS attacks are actually an everyday occurrence; it’s only the large-scale attacks that cripple their sites and make the headlines. But even the smaller attacks can create downtime, which is a huge problem for the online gaming industry because any service downtime equates to a drop in visitors and a corresponding loss of revenue.

Gaming companies might be wise to follow in the footsteps of Jagex, a UK-based online gaming company that publishes popular gaming communities including Runescape and War of Legends. With the Corero SmartWall® Threat Defense System in place, Jagex can absorb any DDoS attack up to 400% of its normal daily capacity and keep all services to users running smoothly without any disruptions. This has led to an immediate decrease in customer-impacting DDoS events and better retention of existing customers. “We can now absorb roughly 95% of all DDoS attacks made on our systems with zero impact to our services, which means customers are getting a much more seamless experience,” said Barry Zubel, Head of IT at Jagex. “That in itself is a huge result for us.”

Gaming companies who have sub-optimal DDoS protection have to spend staff time to troubleshoot DDoS problems. “We experience around ten attacks per day,” said Zubel. Zubel continued:

“That could mean costly call outs for IT staff who would have to be available around the clock. Without Corero, we might need to increase head count by 200% or more to deal with the problems and ultimately it still most likely wouldn't be as effective as the Corero solution.”

Unfortunately, DDoS attacks are not likely to go away anytime soon; in fact DDoS attacks have been increasing and are likely to continue doing so because they are so inexpensive to obtain and easy to launch. Traditional scrubbing solutions aren’t sufficient to handle the flood of DDoS attacks, especially since hackers are getting more sophisticated at launching low-level attacks that evade the radar of scrubbing solutions. In-line, automated DDoS mitigation solutions are the only way to win against the hackers who play dirty in the high-stakes DDoS game.