History repeated itself for Blizzard.
Blizzard’s World of Warcraft: Legion launch faced a cyberattack. According to Blizzard, a distributed denial of services (DDoS) attack causing high latency issues and disconnections during connection happened at the launch of the new expansion. This is the latest in a run of ill luck for the online gaming company, which has now seen three such attacks over the last two weeks.
Just last week, Battle.net was down across the board twice, as multiple DDoS attacks engulfed Blizzard’s online game servers along with the official website and forums. Like all online gaming companies, Blizzard does take steps to fight such attacks. But it should consider boosting this work in light of the recent wave of DDoS strikes.
The third DDoS attack in the same month
As you would have expected, Blizzard did acknowledge the matter in their tweet, mentioning that it was “monitoring an ongoing DDoS attack against network providers.”
What is more interesting is that this is the third time in the same month that we have seen Battle.net servers go offline because of a DDoS attack and is the fourth time this year that we have seen the servers go offline.
We are currently experiencing issues with our community sites and forums. We will have them working again as soon as possible! #BlizzCS
— Blizzard CS EU (@BlizzardCSEU_EN) August 23, 2016
The first DDoS attack this year was back in April when World of Warcraft servers went offline completely. The DDoS attack, which was at a small scale, managed to take down all of the servers of the game and was made at the time of release of the game’s Warlords of Draenor expansion. The hacker group Lizard Squad claimed responsibility for the attack at the time. This group of hackers has been notorious for such activities in the past including the dreaded Christmas DDoS attacks on Xbox Live and PlayStation network.
The second DDoS attack, which started August 2, managed to take down all of Battle.net game servers for a span of two hours with players not being able to connect to the game’s servers.
Protection is necessary
The fact of the matter here is that game servers and players need to protect themselves from these kinds of attacks. The problem here is that Blizzard needs to work with all of their network providers and make sure that their servers are not prone to such attacks. This is extremely important because all of their games depend on Battle.net servers and if they go offline, like in this situation right now, players are essentially locked out of their game.
The important point to note over here is that while Blizzard cannot secure themselves to fend off all kinds of DDoS attacks, there are a few ways that they can use to mitigate themselves from these kinds of attacks.
Multiple layers of firewalls
In a rapidly changing environment, Blizzard should make sure that all of their servers have the necessary firewalls and the tools to identify bogus traffic which eventually brings their servers down. All of the major hosting providers around the world today have all of these features and since Blizzard is probably one of the biggest clients for these companies, they should ask providers to employ multiple layers of firewall for additional security on their servers.
Considering this situation, a multilayered, application-level firewall along with the ability to distinguish between fake and genuine traffic is important now more than ever before. With the rapidly changing pace of technology and the ways perpetrators can bring down a server without making themselves known, one can only imagine the level of damage that can be done if necessary protection is not employed in due time.
Pool of backup servers
Another way to fight off these DDoS attacks is to make sure that they have backup servers and a dynamic pool ready in case of attacks. A dynamic pool will allow them to employ additional servers in the case of a DDoS attack and while it may not bring them down completely, it will help them keep their services available to all gamers even when attacks are in progress.
A multilayered attack at the application level makes DDoS protection even harder to achieve since it is not just the matter of attacking the network layer. This is especially true for gaming servers today which are not just providing services via web pages on the HTTP and the HTTPS protocol, but also on other ports for gaming services. Blizzard fits here perfectly because they are offering a number of different services for different games along with their web pages in the same pool of servers.
Hiding the last-hop IP
Many organizations hide their last hop or router IP to protect their servers from DDoS attacks. Protection on the last hop can be increased by either masking the IP or adding multilayer firewall. To initiate a DDoS attack on a game server, the target becomes the router IP. If the router IP is not available, the target becomes the last available IP for a particular game server. Even if a malicious attack is initiated on the last available IP, pool of backup servers can come into play in redirecting the game data through a different route.
In these times of widespread DDoS attacks, it is necessary for Blizzard to take additional steps and go above and beyond to prepare themselves for any sort of DDoS attacks that might come their way
Last year, when Blizzard released World of Warcraft: Warlords of Draenor expansion, it faced a massive DDoS attack. Blizzard needs to develop a mechanism to protect its servers from such attacks instead of reacting to such scenarios. With huge success of Overwatch and new updates for other games, Blizzard now has to work proactively for a DDoS free-gaming environment.
Aurangzeb A. Durrani is a former professional gamer and has been in eports since 2006.