Riot Games on the verge of legal action with recent DDoS attacks from hackers
I admit it. I occasionally play some video games now and then. I wouldn’t quite classify myself as a gamer per se, but I’ve been known to rally the troops in a game of Modern Warfare 3. Perhaps things even got a bit tense around the office during lunch time. Of course, that tends to happen when you’re pantomiming the “raise the roof” dance while shouting “in yo face” at your coworkers. Winning streaks tend to invoke the strangest outbursts.
Of course, the losing side of the equation usually becomes … well, irritable. Riot Games knows all too well what some bad apples will do when they’re on the wrong side of winning. This week they found themselves on the wrong side of a Distributed Denial of Service attack. Apparently, some players began using DDoS attacks to knock live games offline. The hackers were targeting League of Legends. The game, owned by Riot, has been dubbed the most popular online PC game and has been featured in Entrepreneur.
The attacks began earlier this week. Riot Games had this to say:
“As some of you have recently experienced, a handful of players have been attacking our live service to kill games that are in-progress. They’re doing this through a form of Distributed Denial of Service attack (DDoS) and not a hack,” Bellissimoh, a developer with the company, posted on the official forums.
“We have taken steps to identify these attackers and remove them from our service permanently. Additionally we are pursuing legal avenues and working with the proper authorities,” he continued.
“We’re doing everything we can to implement short- and long-term solutions to fight these types of activities. When someone’s intentionally ruining the experience of other players, we take it very seriously.”
It looks like the jig may be up for script kiddies everywhere. The fact is, businesses far and wide are tightening the reigns and fighting for stiffer penalties against hackers threatening their services. This heightened pressure on authorities may help increase prosecution, but DDoS attacks have been picking up in frequency dramatically. Chase, Wells Fargo, and a number of other institutions were attacked earlier this month.
To understand how a DDoS attack works, it’s important to understand how your computer sends information. When your computer transmits data online it is essentially asking to speak with whatever machine or server you are attempting to connect to. When the second machine receives the communication it responds back to let your computer know it got the message. Think of it as you asking someone if they can talk and they say “yes”. This is called a handshake. Now the information that is being sent back and forth is referred to as packets. The name sounds exactly like what they are – tiny bits of information sealed up with a date and return address, just like a letter. Once both parties get their mail, the conversation can continue.
A more technical explanation of the process can be explained this way: The first packet sent as part of the “handshake” protocol is referred to as the SYN packet, short for synchronize. The receiving machine responds back with an ACK packet, or acknowledge packet bundled with another SYN packet. The original conversation-starter replies with a final ACK, and then the conversation can start. The computer who sends both the SYN and the ACK at the same time sends a combined packet, usually referred to as SYN/ACK. This makes the protocol a three-packet protocol: SYN, SYN/ACK, then lastly, ACK.
Most hackers focus on manipulating network protocol.
A denial of service attack takes advantage of the “handshake” – you remember what that is right? Well, what happens is the first packet is sent to the target computer and from there the same process occurs – except this time, when the computer responds back telling the sender it’s ready to communicate the message is ignored. Instead, more communication requests are sent. What this does is tie up processing resources as the target machine repeatedly fields illegitimate requests. This keeps the machine so busy that it is unable to respond to legitimate users. Distributed denial of service attacks amplify the problem and have the potential to drain large amounts of resources, eventually causing performance lag and failure. This keeps the machine so busy that it is unable to respond to requests from people actually trying to access the site.
What the future holds
After the recent debacle with the alleged Iran hacker group attacking Chase, and the recent string of attacks on other institutions, businesses and individuals are recognizing the problem. In the past few months, the most notable attacks have been on WikiLeaks, Chase, Wells Fargo – and now a video game. The pure randomness only goes to show how common this is becoming. DDoS protection and mitigation, at least for businesses, may just very well be as needed as the antivirus software installed on your computer.
Until next time.