DDoS attack impacts global game developer launch

12 October 2022 | Security Team Global Secure Layer

How we can all learn from a highly anticipated global game launch. 

Blizzard Entertainment has again been hit with a DDoS attack yesterday (11 October), this time impacting the whole of Battle.net. As a result players are experiencing high latency as well as disconnection for some players. This is the second incident in the space of a week in which Blizzard have been the target of DDoS attacks.

Last week the launch of the new Overwatch 2 game was released. For those not too familiar with Overwatch 2, it is a first-person interactive game developed and published by the world-leading game developer and publisher Blizzard Entertainment. The launch of any game always presents potential challenges with things not going as smoothly as initially thought, but in the instance of Overwatch 2, they were hit with a damaging DDoS attack within the first few hours of releasing the game and a second DDoS attack within the first 8 hours. 

Shortly after the game was released, gamers were stuck in lengthy login queues of up to 30,000 people, only to run into connection errors after making it to the menu. Blizzard president Mike Ybarra tweeted on 5th October “Teams are working hard on server issues with Overwatch 2,” Blizzard CEO Mike Ybarra tweeted. “We are humbled by the excitement of players and will continue to focus on issues and get players into the fun! Thanks for your patience.” 

Ybarra clarified: “Unfortunately we are experiencing a mass DDoS attack on our servers. Teams are working hard to mitigate/manage. This is causing a lot of drop/connection issues.’

Aaron Keller, Game Director of Overwatch 2 said Blizzard will work throughout the night to deal with the server issues and a second DDoS attack.

Now while some of you may be thinking, this isn’t such a big problem, the players just had to sit in a long queue before they could play Overwatch 2. Imagine if the end target of these DDoS attacks wasn’t a world-leading game developer but was a different industry entirely. Imagine if it was the finance or healthcare industry that is dependent on being online and accessible. The implications of being offline or even down for a period of time would be crippling. 

This is a perfect example of how DDoS attacks are often used as a smoke screen to divert critical time away from the actual root cause of the problem at the time. 

Let’s take Overwatch for example, the engineers had other issues arise when the game was launched such as SMS authentication concerns, server crashes and issues with players migrating old accounts in with new ones. On the day of launch, these issues were exacerbated by DDoS attacks—while they did not directly cause any of the above issues, they made the environment in which the engineering and technical teams had to work far more challenging. The engineer's time was then diverted to dealing with the DDoS attack rather than working on solving the root cause of the problem.

So what is a DDoS attack?

A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal operations of a network or service. Attacks flood a target with the goal of overwhelming them with legitimate looking (bots) or completely non legitimate traffic.

When a DDoS attack occurs, the end target experiences a crippling interruption in one or more of its services because the attack has flooded their resources with HTTP requests and traffic, denying access to legitimate users. Volumetric DDoS attacks are the most common vector which rely on overwhelming the underlying network, sending 1Tbps of bad traffic to the target network that can only handle at most 100Gbps for example.

More surgical DDoS attacks may attempt to overwhelm the target service e.g. a website not the network, by sending thousands of requests but remaining under maximum link speed. This then becomes resource intensive, cost intensive and ultimately can impact the bottom line. This is a perfect example of why having proactive and reactive DDoS protection is a necessity. 

How can our DDoS mitigation help

This last year has set a precedent in the cyber security space and highlighted the vulnerabilities organisations’ are exposed to. Whether that be a multinational, government agency or SME, it has demonstrated the absolute need for these companies to have both a proactive and reactive DDoS mitigation solution. This online landscape we are now all exposed to is the new norm and as a corporate world, DDoS mitigation needs to be at the top of the agenda for all online businesses.

Our in-house DDoS mitigation capabilities have the ability to not only mitigate against the most sophisticated and recent attack vectors but also learn from previous attacks allowing it to grasp sophisticated patterns and protect against them. 

By having our DDoS protection inline with your network, it can mitigate an attack in under 1 second. With advanced attack detection and rule sets with real time packet inspection, we ensure your network is protected inline. Our security team is constantly reviewing attacks 24/7 in real-time. Our DDoS protection takes a matter of minutes to turn up and seamlessly integrates within your network. Our global network edge ensures threats are surgically removed at the edge before reaching your services. 

If you are currently experiencing DDoS attacks or are wanting to be proactive and have a secure system in place quickly given the current situation, we can have our DDoS protection turned up in a matter of minutes and seamlessly integrate with your network.

Get in touch with our security team today.