According to NSFOCUS 2018 DDoS Attack Trend Report, the gaming sector has become the second biggest victim of DDoS attacks, receiving 27.6% of the total number of attacks.
The gaming sector is most favored by hackers all the time and DDoS attacks are quite cost-effective. Specifically, launching an attack against a chess & card game costs only 5000 to 10,000 yuan per day, but this can exert a great impact on the gaming company, with a daily loss up to millions of yuan. No wonder hackers ask for a higher ransom. Gaming industries always face fierce competitions with peers and DDoS attacks are commonly seen between competitors. Chess & card games are most severely affected by DDoS attacks, and attacks with peak traffic of over 100 Gbps and even over 1 Tbps are nothing new.
To avoid slow response and disconnection, customers are willing to pay for anti-DDoS service for the sake of a good game service quality. Especially during the test phase of a game newly going live, the game publisher is willing to pay for anti-DDoS services, no matter how expensive they are. A big gaming vendor can spend tens of millions of yuan on anti-DDoS services, only expecting that such services can help them defend against DDoS attacks.
The following figure shows the typical network topology of chess & card game customers. Hackers initiate targeted attacks against different service traffic. For example, they will launch massive UDP flood attacks against game servers running UDP and C&C attacks against HTTP traffic-based forums and online shopping malls. Generally, there are three types of servers that game customers need to access, namely, the game server, control server (including the login platform), and recharge server. The latter two servers should be protected with the best protection resources.
The anti-DDoS requirements of game customers are mainly as follows: (1) business continuity; (2) low latency; and (3) able to protect against massive attacks and resource consumption attacks. NSFOCUS can provide the Collapsar Cloud-based Scrubbing Service for game customers.
By replacing the source website server IP address with an IP address for advance protection to provide online services, this solution diverts all traffic to the cleaning cluster and cleans the traffic at layers 4–7. In addition to protection against SYN, ACK, UDP, and ICMP attack traffic, the network-layer protection covers identification and prevention of unknown attacks based on behavior analysis. The application-layer protection is against C&C attacks, low-and-slow attacks, SSL attacks, and attacks with custom signatures. During the protection, long connections of normal services are well protected, without business interruptions.
In the case of volumetric attacks, we are confidently defend against them by providing customized protection resources for customers, which are capable of withstanding DDoS attacks peaking at 1 Tbps. With 14 cleaning nodes all over the world, we can configure the near-source cleaning node for customers, so as to control the latency within a certain range. In so doing, we can resolve the latency problem concerned by customers.
So, next time, if any rich game customers who frequently suffer DDoS attacks turn to you, remember to use the NSFOCUS DDoS cleaning cloud!