Distributed Denial of Service (DDoS) has been a plague on the Internet for decades. DDoS is a cyberattack that overwhelms servers or users with voluminous traffic or requests, affecting performance and user experience.
While several mitigation techniques exist to protect servers from DDoS, it remains a scourge to organizations, especially regarding gaming. Whethther you’re developing your first title or you’re an established publisher, game DDoS protection is an integral part of providing seamless service to your customers.
What Does DDoS Mean in Gaming?
In gaming, there are two main concerns regarding DDoS.
First are attacks on individual gamers. Due to the competitive nature of online gaming, this tends to be the most common form of DDoS in gaming. Attackers find the IPs of other gamers and eat up their bandwidth by inundating their connections with traffic/requests. The victim of a DDoS attack experiences poor and unstable performance, giving the attacker a competitive gaming edge. These attacks can even force players to disconnect from lobbies and matches.
Outside of gamers attacking one another, the other type of DDoS attack in gaming directly targets servers of video game publishers or common platforms like PlayStation, Xbox, and Steam. As these attacks are intended to disrupt the entire system, they’re likely not motivated by competition. Like DDoS attacks on any other server, DDoS on game servers aims to overwhelm and bog down the servers with excessive amounts of traffic.
Imagine there’s a hot, new multiplayer title gaining a ton of attention from gaming content creators (think Among Us or Fall Guys during peak interest in 2020). However, despite the positive press leading up to launch day, the publisher notices an uptick in negative sentiment from social media platforms. This is because the studio's founder is often outspoken about hot-button issues such as climate change and inclusion in gaming. And even though the developer and operations teams guarantee a smooth launch, thousands of players can’t access the game as hacktivists DDoS the servers during launch day.
In the above scenario, a group of bad actors banded together to activate their network of bot traffic to flood the game developer’s server as part of a DDoS attack. Although players can log in within 12 hours after the launch, who knows how well the public reception would have been had there been no DDoS attack.
Why are game servers targeted?
Attackers turn to DDoS attacks for reasons such as revenge, hacktivism, political motivations, or as a precursor to a more severe attack like a data breach. Outside of these reasons, DDoS attacks in gaming are motivated by hackers seeking attention, recognition, or simply amusement. Gamers tend to be a vocal group and will loudly voice their frustration due to a successful DDoS of their favorite game’s server, giving the attacker the attention they seek.
Money does not seem to be the primary motive behind most DDoS attacks, but there are cases where it is a factor. For instance, let’s examine what DDoS means in Minecraft. Some Minecraft servers have been known to attack rival servers in hopes of stealing their users. Another common reason for DDoS attacks in the Minecraft community is to cause frustration for gamers on a server—also known as griefing or trolling, which can have negative monetary consequences for the targeted community.
With the ever-looming threat of attacks, it’s clear to see why game server DDoS protection is so important to gaming companies. Even big names in gaming that you might expect to have strong budgets for security are susceptible. As recently as 2020, Activision Blizzard servers suffered a DDoS attack that interrupted the gameplay of popular titles like Overwatch, World of Warcraft, and Call of Duty.
How to DDoS a Game Server
A good way to stop DDoS attacks in gaming from happening is to understand how they work. As stated earlier, DDoS attacks work by overwhelming servers with traffic and requests, thereby bogging down the server so it can’t work for legitimate users.
Generally, there are two types of DDoS attacks in gaming:
- Volumetric, or bombardment: Works by sending more traffic to the server than it can handle.
- Layer 7, or technical infections: Disrupts an application on the server by sending it more requests than it can handle.
Layer 7 attacks have become more common as these attacks take fewer resources to execute. By focusing and taking down a vulnerable server application, attackers are often able to take down the whole server. An issue these attackers face concerns the bandwidth needed to conduct their DDoS attacks. After all, sending requests to a server does use bandwidth.
Unfortunately, cybercriminals have a seemingly never-ending source available to them, namely Internet of Things (IoT) devices. For the most part, these IoT devices don’t have adequate firmware or security systems you might see in other connected devices. This makes them prime targets for hackers who can use malware to take control of the devices and leach off of their bandwidth to conduct DDoS attacks.
How DDoS Protection for Gaming Works
There is an ebb and flow to the threat of DDoS to gaming. As security measures become more advanced to slow down DDoS, the attacks seem to eventually become more advanced, causing a sort of tug of war. That said, there are effective measures to take for game DDoS protection.
- Identify Incoming Traffic and Requests: To identify traffic and requests coming into the server, software and firewalls can fairly accurately identify insincere traffic and act as a gatekeeper. This can keep DDoS attacks from successfully grabbing hold of the server. Authentication procedures such as CAPTCHA can also help to verify that incoming traffic is genuine. However, firewalls are just one line of defense against DDoS attacks and not a perfect gatekeeper. Consider that they can become overwhelmed, have rules fooled by SYN floods, or attackers can target assets that aren’t behind a firewall.
- Use a Reverse Proxy: While not entirely designed for DDoS, a reverse proxy server acts like a buffer between traffic/request and the actual dedicated gaming server. This helps mitigate DDoS as the attackers don’t have direct access to the server.
- Use VPN as a Shield: On the individual gamer level, using a VPN goes a long way towards stopping DDoS attacks. Instead of seeing the target’s IP, the attacker will see the VPN and attack it. VPN’s are almost always more prepared to handle DDoS attacks than the average gamer.
It's worth mentioning that DDoS protection is more about prevention than it is reactive. While VPNs are a great tool gamers themselves can employ, developers should consider hosts that offer protection to protect networks and gamers with tools such as Cloudflare, Arbor Networks, Akamai, and Barracuda.
How to Keep a Game Server Available During a DDoS Attack?
DDoS attacks are common, but they aren’t always as successful as attackers would like. The best way to thwart a DDoS attack and keep your game server running is by practicing a preventative approach by employing the game DDoS protection measures explained above. They are designed to thwart DDoS attacks with as little disruption to your servers as possible.
Dedicated server hosting services often offer built-in DDoS protection. Typically, these services will include a set volume of DDoS bandwidth protection. All Liquid Web servers include basic DDoS protection of up to 2Gbps. In addition, you can upgrade the service for even more protection against volumetric and Layer 7 attacks. Learn more about Liquid Web’s game DDoS Protection options.
About the AuthorMore Content by Jeremy Sorensen