Story image

Gamers beware: Hackers hired for as little as five dollars

23 Oct 14

The gaming industry is the top target for Distributed Denial of Service (DDoS) attacks, according to new research from Symantec.

Symantec says the rise of the attacks are becoming increasingly devastating to service providers and players. The gaming industry experiences nearly 46 percent of DDoS attacks, followed by the software and media sectors.

DDoS attacks are frequently marketed to gamers as a way to disrupt competing teams or players. Symantec says hackers can be hired for as little as five dollars to perform an attack on any target.

While DDoS attacks are not a new concept, they have proven to be effective. The security vendor says it is likely we will see an increase in DDoS attacks from mobile and IoT devices in the future.

“Such attacks are simple to conduct for the attackers, but they can be devastating for the targeted companies,” the report says.

Amplification attacks especially are very popular at the moment as they allow relatively small botnets to take out large targets. For such an attack, spoofed traffic is sent to a third-party service, which will reflect the answer to the spoofed target.

From January to August 2014, Symantec has seen a 183 percent increase in DNS amplification attacks, making it the most popular method seen by Symantec’s Global Intelligence Network.

The report says amplification DDoS attacks using NTP were prominent in the first quarter, but have since been steadily decreasing. “This may be due to various people upgrading and reconfiguring their servers. Attackers are also experimenting with other protocols like the Simple Network Management Protocol (SNMPv2) or, as seen in September, the Simple Service Discovery Protocol (SSDP)”.

Multiple methods are often used by attackers in order to make mitigation difficult and, to make matters worse, DDoS attack services can be hired for less than US$10 on underground forums.

Symantec says it expects to see many DDoS attacks during Guy Fawkes on 5 November, as the Anonymous collective has already announced various activities under the Operation Remember campaign.

However, hacktivists protesting for their ideological beliefs are not the only ones using DDoS attacks. Symantec says it has seen cases of extortion where targets have been financially blackmailed, as well as some targeted attacks using DDoS as a diversion to distract the local CERT team while the real attack was being carried out.

CERT NZ highlights rise of unauthorised access incidents
“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."
Report finds GCSB in compliance with NZ rights
The Inspector-General has given the GCSB its compliance tick of approval for the fourth year in a row.
Game review: Just Cause 4 on PC
Rico Rodriguez returns to wreak over-the-top havoc for a fourth time. This time the island nation of Solís is our hero’s sandbox, ripe for destruction.
Hands-on review: Logitech G502 HERO gaming mouse
My favourite feature of the G502s is the ‘Sniper’ button, which is found on the left hand side of the device. When held, this lowers the DPI and allows you to achieve maximum accuracy whilst honing in on a kill on your favourite FPS title.
Interview: ZeniMax Online's game director talks Elder Scrolls Online
FutureFive’s Darren Price sat down with Matt Firor, ESO’s designer and now president and game director at ZeniMax Online.
IDC: Tablets stay dead, notebooks keep head above water
An IDC report predicts a soft personal PC market, slipping into further decline with the exception of notebooks, gaming PCs, and business PC upgrades.
A hands-on guide to Christmas shopping by Santa’s IT elf
Ho, ho, ho! So you’re back again for more inspiration for that hard-to-buy-for person in your life?
Govt commits $15.5m to digital identity research
“With more and more aspects of our lives taking place online it’s critical the government takes a lead to ensure New Zealanders have control of how and who uses their identity information,” says Minister Woods.