Plenty of gamers have tried to log on to their favorite live-service game, only to encounter login queues, crashes, and downed servers. While natural traffic can sometimes cause these situations, DDoS attacks are just as likely the culprit. While many gamers know a DDoS attack means they probably won’t be able to play for a bit, less know exactly what they are.
In short, DDoS attacks are malicious attempts at disrupting the service of a normal server by flooding it with fake traffic. An apt comparison would be like filling a highway full of empty cars preventing actual commuters from merging and reaching their destinations. By doing so, they seek to cost companies money, customers, and reputation. This form of digital warfare is surprisingly easy to do–and just as hard to prevent.
What is a DDoS Attack?
DDoS stands for distributed denial-of-service. These malicious attacks seek to overwhelm a single server by launching attacks from multiple compromised computers, servers, and other devices. These invaders, called bots or zombies, are controlled by a single source, referred to as the attacker. After networking bots together, the attacker sends them to a single server to clog its service with an abundance of false login attempts.
These DDoS attacks can spoof hundreds or thousands of individual login IP addresses, easily overwhelming unprepared servers. By doing so, the attacker can make a server crash, preventing legitimate players from connecting. There are many types of DDoS attacks, and the most complex assaults often combine multiple techniques at once. While they vary in specifics, they all seek the same end goal–denial of service.
- Application Layer Attacks: A DDoS attack that targets the parts of a server that generate and handle information–like constantly flagging down a waiter at a restaurant.
- Protocol Attacks: Sometimes called SYN floods, these attacks send false commands to servers and network equipment–like sending fake orders to a line cook.
- Volumetric Attacks: These DDoS attacks congest servers by consuming bandwidth with needlessly complex data–like asking a drive-thru server to read the entire menu.
How to Prevent a DDoS Attack
Preventing or managing the fallout of a DDoS attack is harder than it seems. The key to doing so is identifying normal traffic from false traffic. Cutting off all traffic prevents legitimate customers from interacting with the game or service–and plays right into the attacker’s hands. Because of the variety of complexity and techniques used by attackers, mitigating DDoS attack impact involves multiple solutions.
- Anycast Network Diffusion: Splitting the server across multiple destinations–like redirecting a river into several smaller streams. This creates more manageable traffic but can still be overwhelmed with complex attacks.
- Blackhole Routing: Creating a new false destination and funneling all traffic there–like building a new road that leads off a cliff. Imperfect, as it creates a denial-of-service but a strong failsafe.
- Rate Limiting: Putting restrictions on how many requests a server accepts over a time window–like a queue for a rollercoaster. This can prevent servers from crashing but cannot handle complex DDoS attacks alone.
- Web Application Firewall: Making a layer of defense between the attacker and the server–like a bouncer outside a club. A powerful but complex defense.
Regardless of how a service prepares for DDoS attacks, it is almost impossible to make one truly impervious to their effects. As anti-DDoS technology develops, DDoS attackers will surely develop more sophisticated and complex attack strategies as well. In the meantime, understanding what a DDoS attack is–and being patient with besieged services–is the best way most gamers can help.