Read time: 3 minutes

Protect local e-Sports before it's game over

By
Johannesburg , 12 Aug 2016

Protect local e-Sports before it's game over

At the start of this year, South Africa announced its first one million Rand prize money in an e-Sports tournament, the Telkom DGL Masters tournament.

e-Sports, or electronic sports, is competitive gaming via electronic systems. It's a growing industry in South Africa with local e-Sports companies on the rise. Johann Von Backström from the Digital Gaming League (DGL) Management Company noted during the aforementioned tournament's launch: "Gaming has seen phenomenal growth over the past few years as players become ever more engaged. We already have more than four million gamers in South Africa. By professionalising the sport and developing new players, we can look forward to seeing more local talent compete on the same footing as international teams".

Its growing popularity and resulting profitability, has however also made e-Sports a prime target for volumetric Distributed Denial of Service (DDoS) attacks and as the industry grows so will the attacks, says Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.

According to market research firm, Newzoo, 205 million people watched or played e-Sports in 2014, and ESPN.com stated in January 2016, "if the e-Sports nation were actually a nation, it would be the fifth largest in the world". In Newzoo's latest quarterly update of its Global Games Market Report, the research firm found that gamers worldwide will generate a total of USD99.6 billion in revenues in 2016, up 8.5 percent compared to 2015. Today, in response to its growing popularity, ESPN has a website completely devoted to e-Sports.

"DDoS attacks are a serious threat for all businesses and due to the mainly virtual network infrastructure that e-Sports and sport betting sites rely on – they are no exception," continues marketing insight analyst at Arbor Networks, Jamal Bethea. "A volumetric attack can leave some of the more sophisticated security systems down and vulnerable to further attacks. The LizardStresser (a type of botnet) is a DDoS attack that targets IoT devices including gaming devices/ consoles. By gaining access to random IPs and using user credentials, the client program can compromise the targeted user and flood their network. Some recent attacks against gaming sites have been as large as 400 Gbps."

He explains that what looks to be an exotic attack of a comprehensive network can easily and often be triggered with something as simple as a user's IP address. "This can be extremely frustrating for those gamers who spend countless minutes and hours performing factory resets or moving to different locations in an attempt to fix the issue. It's not that easy of a fix. Individuals and teams of gamers can be targeted with the intent to disqualify them for not having enough members for a fair match. It's never an isolated incident and if the threat is not properly addressed, further attacks should be expected," Bethea points out.

e-Sports competitions are typically played from a user's home, which means they are at the will of a firewall and whatever IPS devices the affiliated service provider or e-Sports provider has installed. Unfortunately, that's not a real solution. IPS devices and firewalls are excellent solutions for network integrity and confidentiality, but to truly protect against botnet attacks e-Sports providers need adopt a solution that can fully protect against volumetric attacks and provide visibility into how the attack is happening, when it is happening, and where the attack is originating from. The key is to have true hybrid protection – on-premise and cloud-based – and industry best practice for the most comprehensive protection from the modern-day DDoS attack.

Hamman recommends that southern African gaming companies deploy an on-premise purpose built DDoS protection solution, such as Arbor APS, at the network perimeter, which can disrupt botnet communications and detects and blocks application-layer DDoS attacks, including those specifically designed to compromise stateful inline tools like firewalls, IPS devices and load balancers.

And, in the event that the on-premise Arbor APS device detects a large DDoS attack that will overwhelm the local Internet connection, it can automatically contact the upstream/in-cloud MSSP and reroute the attack traffic to their scrubbing centre via a powerful feature called Cloud Signaling. This stops the attack before it happens, and provides the intelligence needed to plan for the next attack.

"Let's all take some time to address the seriousness of this threat before its game over!" exclaims Bethea.

For more information about Arbor in Africa, please contact Bryan Hamman at bhamman@arbor.net

Daily newsletter