Mengchen was sent from The Temple of Oufei
Qubits | Official account QbitAI
Hacking is rampant and the gaming industry is in danger.
The latest incident, a DDoS attack on My World Online Live, has left the European nation of Andorra close to being disconnected for half an hour.
In this country, he has only one such telecommunications company, and mobile phone users have also suffered.
In fact, since the second half of last year, many online games have been paralyzed by cyber attacks.
In August, the Final Fantasy 14 European server was paralyzed and recovered 12 hours later.
In December, Blizzard's U.S. servers were attacked by a four-hour night raid, leaving Overwatch, World of Warcraft, and Hearthstone players to play.
The domestic mobile game "Yi Jian Xing" was blackmailed by hackers and stopped on the first day of service.
The developer did not pay a "protection fee" to the hacker, but refunded all players to recharge in the same way, with heavy losses.
At one point, he even considered changing the online game that had been developed for 3 years to a stand-alone version.
During this period, the games that were targeted also included escape from Tarkov, dawn killing machine, etc. Titanfall 1 was unable to resist malicious attacks, and developer EA directly chose to take down the shelves and stop selling.
Now, Microsoft has also recently revealed that last November, an Asian customer of Azure Cloud suffered the largest DDoS attack in history.
It was a distributed attack with tens of thousands of attack sources from more than a dozen countries and regions, with a peak bandwidth of 3.74Tbps, 50% higher than the previous record high.
Large-scale DDoS attacks at 2-3Tbps were more than twice in December and have only now been known to have been announced.
Because Microsoft itself has carried it down.
In addition to the offensive and defensive battles, Microsoft also made a statistical analysis of all DDoS attacks in Q3 and Q4 in the two quarters.
The game industry was found to be the primary target of hackers, and the popularity of mobile games in China, Japan, South Korea and India became the hardest hit areas.
Why DDoS attacks target the game
Hacker gangs use DDoS to attack games, many of them for ransom.
Online games are relatively gold-absorbing, and the life cycle is short, and in order to make money, game companies can easily bow to hackers and pay "protection fees".
Like the developer of Yi Jian Xing mentioned above, there are not many who bear greater losses and hack their own.
The cost of a DDoS attack is low enough that attacking an unprotected site costs only $300/month.
The cost of defense on the side of the game is high.
Multiplayer games are afraid of network problems, hackers do not need to spend a lot of effort to paralyze the server, just the delay can affect the player experience.
The game server also needs 7 * 24 hours online, the stability of the server requirements are very high, once attacked, it is easy to cause player loss, and then the reputation of the game declines.
Among the DDoS attacks against games, the most common is "UDP flooding".
In the second half of 2021, UDP flood attacks accounted for 55% of all attacks, an increase of 16% over the first half of the year.
UDP is a user datagram protocol, no need to establish a connection can send data, the advantage is small overhead and fast speed, the disadvantage is that the security is not as high as the TCP protocol.
An attacker can use UDP to send large amounts of data to multiple ports of the target server without having to gain communication privileges beforehand.
In turn, the target server must send packets of the same size, telling each attack source that this port is unavailable.
Eventually drowning in a torrent of data, normal users' access requests are blocked.
Of course, there are also ways to prevent it, and major cloud service providers and network security companies have security services for DDoS attacks.
But these services are often more expensive, small companies are harder to afford, and hackers for ransomware game companies are becoming more rampant.
One option for small projects is a security service like Cloudflare, which ranges from free to $200.
What can also be done is to protect the real IP address of the server as much as possible, and the other is to actively alarm.
It is worth mentioning that DDoS attacks are punishable in many countries.
On the mainland, it is a crime of damaging computer information systems and is punishable by fixed-term imprisonment of not more than five years or criminal detention.
If the consequences are particularly serious, they shall be sentenced to fixed-term imprisonment of not less than five years.