DDoS Attacks Confirmed

[Texa]

I am surprised they directly confirmed this at all given that they are a Japanese company and admitting that they were vulnerable to an issue like this is very shameful for them. Directly admitting to what happened to their customers base is not something they would take lightly.

[Joe777]

I am surprised they directly confirmed this at all given that they are a Japanese company and admitting that they were vulnerable to an issue like this is very shameful for them. Directly admitting to what happened to their customers base is not something they would take lightly.

Name one MMO that hasn't been DDoSed, and they likely weren't even worth existing.

DDoS protection varies in strength, as does the magnitude of the attacks themselves. This was obviously a high-level attack that a game with small protection would've struggled to keep the servers operational period. Consider how the attacker has been proceeding and there really isn't any shame at all, except for the DDoSer who clearly is full of shame. Some people are saying SE is lying to us, but can they prove it isn't a DDoS attack? Until they can SE is being honest with us and not hiding anything, which is credible.

[KisaiTenshi]

Name one MMO that hasn't been DDoSed, and they likely weren't even worth existing.

DDoS protection varies in strength, as does the magnitude of the attacks themselves. This was obviously a high-level attack that a game with small protection would've struggled to keep the servers operational period. Consider how the attacker has been proceeding and there really isn't any shame at all, except for the DDoSer who clearly is full of shame. Some people are saying SE is lying to us, but can they prove it isn't a DDoS attack? Until they can SE is being honest with us and not hiding anything, which is credible.

I have to wonder what the motivation for the DDoS is, to try and blackmail SE? Most of the time DDoS's have two goals:
1) compromise the data by forcing bugs in the OS or netcode to be exploited
2) lose the target company sales by frustrating the customer base

The latter seems more likely, but as much as I would like to think that, I don't see the payoff. Who wins from this?

What they do at the data center my servers are at, is they just blackhole certain ip address ranges that the DDoS's come from (eg China, Romania, Russia, Ukraine, various VPN's and Tor end points), and it works both ways. If the network operations manager decides that a customer's machine is generating DDoS-like traffic, they will cut the machine off.

[Joe777]

I have to wonder what the motivation for the DDoS is, to try and blackmail SE? Most of the time DDoS's have two goals:
1) compromise the data by forcing bugs in the OS or netcode to be exploited
2) lose the target company sales by frustrating the customer base

The latter seems more likely, but as much as I would like to think that, I don't see the payoff. Who wins from this?

What they do at the data center my servers are at, is they just blackhole certain ip address ranges that the DDoS's come from (eg China, Romania, Russia, Ukraine, various VPN's and Tor end points), and it works both ways. If the network operations manager decides that a customer's machine is generating DDoS-like traffic, they will cut the machine off.

Sadly, DDoS attacks can lack a true motive beyond doing it for kicks. However, some may resort to it to keep others from playing a game or a game owned by a company that pissed them off.

[MistakeNot]

I am surprised they directly confirmed this at all given that they are a Japanese company and admitting that they were vulnerable to an issue like this is very shameful for them. Directly admitting to what happened to their customers base is not something they would take lightly.

Given that it is near-impossible to defend yourself completely against a DDoS attack it is not exactly shameful to admit you are vulnerable to something that practically every other company in the world are also vulnerable to.