DDoS Attacks Confirmed

[myahele]

I would think that the Lizard Group would have taken credit/ announced they did this on social media.

[MistakeNot]

I'm not a tech person but would they have known about the ddos attack the moment it occurred or within the first hour or so? Or does it actually take 3+ days to determine that the congestion of the instance servers were caused by a ddos attack? I sure hope SE isn't lying to us because I would be very sad if they were. I don't mind all the problems that we've been experiencing because of launch but I would feel very offended being lied to.

Since there were ALSO lots of players loading down the servers it would have been very easy to assume all the congestion was due to too many players at once, and not look for evidence of a DDOS attack.
Normally a DDOS attack is easy to detect - just look for sudden and unexpected increases in network traffic. Here we had a lot of expected increases in network traffic at the same time.

[MistakeNot]

It doesn't actually. You just need a bit of tech savviness and to know where to get the right programs and such.

Or some money and the right contacts. There are botnets (large numbers of infected computers that can be controlled from a single location) that one can rent for a short or long time.

DDoS attacks are fairly easy and cheap to do, and hard to trace back to the originators. They are also usually low priority among law enforcement people, so it is rare that anyone responsible actually gets caught.

[Tonkra]

No offense but it really sounds more like an excuse at this point since they are saying it has been going on since the 16th (early access start) and one would think they would say something far earlier than days later AFTER the media has started publishing bad press about the expansions launch.

Edited in because char limits

I would also like to point out they have not only put out an expansion but have also opened up a free login campaign at the same point far overloading the capacity of the servers themselves. The "DDoS" may very well be their own CUSTOMERS trying to get what SE has sold and/or advertised.

Oh look there is a conspiracy theory all over again.

just to tell you:a company should really avoid to lie. i worked in several companies and we never lied concerning technical issues and stuff. There is a huge risk that the truth is coming out which would damage the credibility of a company sustainly. So i really doubt your conspiracy theory.

Its quietly possible that this is a DDOS attack, it is very popular for people to ruin the release of a new expansion also.
Additionally it is less afford needed to run a DDOS attack, everyone can do this.

[daedalusAI]

Oh look there is a conspiracy theory all over again.

If you can't even make an argument against her comment you shouldn't waste forum space.

Let's see: according to SE's news about said DDoS the attack is supposedly ongoing since the 16th and they only informed their customers just now.
So you're supposedly under attack by a DDoS - which could explain the massive queue times since SB early acces - and you don't inform your customer right away as it would provide the best explanation for the queue times but instead you wait 5 days?

That behavior isn't logically sound. If you'd really care about your customer you'd inform them the minute you have information about something like that.

Maybe they themselves see the massive floods of customer as some sort of DDoS which they can't handle?

Edit: And the timing of the emergency maintenance and said news about DDoS raises a flag. The official release for SB was yesterday 20.06 and SE is forced to shut-down their servers for an emergency maintenance just 1 day after the official release. A DDoS would certainly make for a good scapegoat.

[Texa]

I am surprised they directly confirmed this at all given that they are a Japanese company and admitting that they were vulnerable to an issue like this is very shameful for them. Directly admitting to what happened to their customers base is not something they would take lightly.

[usalia]

Dam people.
Lots of you was asking in the past days how can se do so bad of a launch. That is how and why. If you will bay in to the bs all the time and forget the wrongs they did nothing will be fixed . ddos my ass. Go read on what a ddos in the first place.

[Mazora_Espeon]

[daedalusAI]

Actually, they can. DDoS attacks are the root cause of the congestion. It's not always easy to identify a DDoS attack from the onset, so they may have chalked the congestion up to players rather than the actual cause. Plus, how do you know that both aren't a consideration?

People are way too quick to judge.

Proof for that claim?
Do you just uncritically accept their "news" about an ongoing DDoS-attack of which they inform their customers only 5 days later?

[Paladinleeds]

Alright. Then why not block the ip addresses of the computers that the attack is coming from? I'm assuming that if you play ffxiv, then you're sending data to their servers anyway so it wouldn't really matter if actual ffxiv players were infected.

A legitimate user could have been infected by malware (perhaps not even by doing anything wrong, legitimate sites do get hacked and infected with malware too that then gets installed on users computers, with new strains that anti-virus can't yet detect), so you'd be punishing someone and essentially banning them from the game for simply potentially getting infected by bad luck. That would create a PR calamity that would put the last Calamity that hit Eorzea to shame! Plus, that'd start measures for a class-action lawsuit, and you can bet lawyers would be foaming at the mouth for THAT opportunity.

Also, as has been previously mentioned, they're constantly flushing out the IP addresses of the botnet to give them new IPs. You'd have to ban pretty much the entire internet to stop it!

Name one MMO that hasn't been DDoSed, and they likely weren't even worth existing.

DDoS protection varies in strength, as does the magnitude of the attacks themselves. This was obviously a high-level attack that a game with small protection would've struggled to keep the servers operational period. Consider how the attacker has been proceeding and there really isn't any shame at all, except for the DDoSer who clearly is full of shame. Some people are saying SE is lying to us, but can they prove it isn't a DDoS attack? Until they can SE is being honest with us and not hiding anything, which is credible.

Hmm, did you quote the wrong person by accident? I don't think they were the one outright trying to say it wasn't a DDoS attack...