Final Fantasy XIV: Stormblood’s Servers Are the Latest Casualty of a DDoS Problem That Isn’t Going Away

Final Fantasy XIV: Stormblood’s rough start is by now well documented, and despite our enthusiasm for the game so far, its server issues were simply, and sadly, not ignorable. For a while players wondered aloud how exactly Square Enix could once again botch the sort of launch it now has so much experience with, until yesterday an explanation emerged: DDoS attacks. An anonymous third-party group had been leveling relentless attacks on Stormblood’s servers, and until the onslaught sees fit to cease, server troubles aren’t likely to be resolved.

The official acknowledgement came directly via Square Enix’s own channels, where it stated the following.

We have confirmed that since Jun. 16th, we have been experiencing DDoS attacks* from an anonymous third-party targeting the FINAL FANTASY XIV game servers on the NA data center.

Our technical staff is taking every possible measure to address this issue but the attack is still continuing to take place by changing their methods at every moment. We will continue to monitor and work on recovery from every possible angle.

Square Enix describes a DDoS attack as “an attack attempting to increase the server load to an extensive level by flooding the network of the targeted servers using a massive number of computers.” Their assessment is largely correct, but with the increasing number of games falling victim to such attacks, simply fighting back and waiting for the battle to subside can be a frustratingly futile solution. The attackers know they can get a rise out of their victims because the victims have no choice but to respond and acknowledge. Otherwise, it’s a lose-lose for everyone.

Robert Hamilton, the director of product marketing for cyber security firm Imperva’s Incapsula service, has a few ideas on why DDoS has become particularly hot when targeting gaming servers of late. One of the reasons gaming networks are attacked, he says, is because oftentimes “the players themselves sometimes target the sites.” Despite what you might assume, Hamilton points out that “there’s nothing unique about attacks on gaming servers. They’re the same type of DDoS attacks that strike banking servers, e-commerce servers, and any other servers.” Though interesting, that’s not exactly helpful news.

If banks and e-commerce companies can’t even stop the dreaded DDoS, then how exactly can game publishers be expected to? Well, the answer lies not solely in a technical solution, but rather a social one. Hamilton points out that “there are two common reasons why a player would unleash a DDoS attack: to gain a personal advantage, or to disrupt the game.” While the former is possible, it’s hard to know specifically how and why such a thing might drastically help, especially when a new expansion has only just launched. If players are disgruntled, meanwhile, the situation is also challenging; most games aim to please as many of their players as possible, but even a small group of savvy attackers can unleash DDoS if they know what they’re doing.

Spotted: the attackers celebrating. Motive: still unknown.

In the end, combining a pleased playerbase with strategic prevention is about all there is to be done, and when it comes to the latter, Hamilton has some advice for game publishers looking to avoid launch-window travesty.

Because network layer attacks are the most common type of DDoS attacks, there are numerous ways to mitigate the threat. The basic idea is to have protection at the network level. Most gaming servers run on proprietary protocols that aren’t HTTP-based. That makes it critical to have a DDoS solution that operates on a network layer. In order to guarantee the stability and predictability of their service, and moreover, their reputation, organizations must deploy DDoS mitigation solutions. Cloud-based solutions for mitigation of DDoS attacks prove themselves very effective against modern DDoS attacks.

While still not a guarantee (there are two other DDoS attack styles outside of network layer attacks), putting protection in place can go a long way in deflating potential threats; if your servers aren’t sitting ducks, then all but the most disgruntled intruders might decide it’s not worth their effort and time. On the other hand, flaunting your fancy defenses probably isn’t wise either – doing so will no doubt incite attackers’ inner 4chan mentality, and they will take such confidence as a challenge to rise to.

Either way, Square Enix has done the right thing in the transparency department, and the next step is to low-key enhance its defenses without necessarily letting attackers (or even players, sadly) know about it. For now DDoS takedowns are a part of life, and beyond tech-savvy, possibly expensive cloud defense, the best solution may be to simply keep your head down and hope attackers become ticked off at somebody else.

Source: Incapsula