Millions of gamers were unable to play online over the Christmas period, thanks to a distributed denial of service attack (DDoS) on the gaming networks of both PlayStation and Xbox, instigated by hacking group Lizard Squad.
Anyone who received an Xbox One or PS4 for Christmas was unable to get online on Christmas Day, after huge amounts of fake traffic were sent to Microsoft’s and PlayStation’s networks, causing them to crash. This meant gamers couldn’t play certain games, access the services’ online stores or download anything to their consoles.
Microsoft managed to resurrect its service fairly quickly, and Xbox Live was back up and running within a few days, but PlayStation’s network, which has more than double the number of subscribers, was still suffering during the first weekend after Christmas.
What is a Distributed Denial of Service (DDoS) attack?
A distributed denial of service attack is a strategy used by hackers to render targets inaccessible by flooding them with huge volumes of online traffic. In non-cyber terms, it would be like somebody repeatedly dialling your telephone in order to keep your line busy and prevent you from making a call.
To continue with this analogy, the ‘distributed’ aspect would be achieved if your telephone number was then passed on to hundreds of other people who also attempted to ring you.
Sony Pictures, another branch of Sony, was also hacked in late 2014. However, the two attacks are unrelated; the Sony Pictures attack was much more sophisticated, as the perpetrators stole confidential information. DDoS attacks alone do not tend to end in data being stolen; instead the service or website is simply taken down for a period of time.
After ceasing its Christmas attack on Xbox and PlayStation, Lizard Squad went on to target Tor, a secure network which allows people to communicate anonymously.
Lizard Squad are also in the frame for reported DDoS attacks on social media sites such a Facebook and Instagram along with an attack on Malaysian Airlines web site this month. It would seem DDoS attacks are the tool of choice for hackers trying to make a name for themselves. What are your thoughts on DDoS attacks? Are they a real threat to your business, would you be able to detect and defend against them? We are always keen to hear from the ‘coal face’ so to speak, please email me at firstname.lastname@example.org with your views?