DDoS Attacks Confirmed

[Joe777]

I am surprised they directly confirmed this at all given that they are a Japanese company and admitting that they were vulnerable to an issue like this is very shameful for them. Directly admitting to what happened to their customers base is not something they would take lightly.

Name one MMO that hasn't been DDoSed, and they likely weren't even worth existing.

DDoS protection varies in strength, as does the magnitude of the attacks themselves. This was obviously a high-level attack that a game with small protection would've struggled to keep the servers operational period. Consider how the attacker has been proceeding and there really isn't any shame at all, except for the DDoSer who clearly is full of shame. Some people are saying SE is lying to us, but can they prove it isn't a DDoS attack? Until they can SE is being honest with us and not hiding anything, which is credible.

[vio_p]

There are methods to sort of help, but in my opinion, they're really hard to counter. You can think of a router as a small computer. You can think of it having incoming ports and outgoing ports. When multiple packets go to the same destination, they're put in a queue. But the router only has so much memory, so when the queue is full packets are dropped. That's why it's bad for actual traffic.

What kind of methods would you suggest, baring in mind that the login servers are most likely using tcp transmission instead of udp?

if your thinking of switching to udp transmission that would be good for SE's wallet as they'd be billed for less traffic usage but it would also cause a lot of headache for them with the players complaining about that next.

your analogy was pretty good though which is why i had to ask to see what you'd consider doing.

[Zephanoa]

Proof for that claim?
Do you just uncritically accept their "news" about an ongoing DDoS-attack of which they inform their customers only 5 days later?

Considering I have worked in InfoSec I applaud them for providing service period during an attack. It takes guts to admit the issue itself to your player base. They probably could have done something different to prevent the issue but security is more hindsight and best practices. It also takes considerable planning to roll out a fix for DDoS specific issues depending on your architecture and programming.

[Yurimi]

Oh look there is a conspiracy theory all over again.

just to tell you:a company should really avoid to lie. i worked in several companies and we never lied concerning technical issues and stuff. There is a huge risk that the truth is coming out which would damage the credibility of a company sustainly. So i really doubt your conspiracy theory.

Its quietly possible that this is a DDOS attack, it is very popular for people to ruin the release of a new expansion also.
Additionally it is less afford needed to run a DDOS attack, everyone can do this.

If they had said something 2-3 days ago maybe I would be more inclined to believe them, the fact that nothing is said until after poor media reception starts being posted leaves a lot of suspicion. Lets also add to the fact it is common for Japanese companies (not just SE but in general) to have individuals or outside sources take the blame for project or business failures in order to save the companies reputation. It is never the companies fault when it can be someone else's fault.

Perhaps this is a DDoS attack but it honestly just shows more of a pattern of overselling your product beyond support capacity. This is coming from many years of MMO launches and expansions and having seen queues (which are fine and common) to whole servers being taken down (which is not) and then for some unknown reason them having the brilliant idea that during a time (launch of a new expansion) when your going to see a massive peak of returning characters on top of your normal load (which on some data centers and servers already see queue times) to also launch a login campaign to bring even more players into it seems like they simply created a poor situation for themselves and are trying to find a reason why it isnt the companies fault but someone specific or some outside source.

DDoS's happen, that is life. DDoS's do not create line ups because your server doesnt create more than one instance. It doesnt change a few of the issues we have experienced that they have claimed to fix. It will cause some of the issues we have experienced but those issues are just as likely to be caused by the servers being overloaded with too many players and not a proper system or plan in place to deal with them

[KisaiTenshi]

Name one MMO that hasn't been DDoSed, and they likely weren't even worth existing.

DDoS protection varies in strength, as does the magnitude of the attacks themselves. This was obviously a high-level attack that a game with small protection would've struggled to keep the servers operational period. Consider how the attacker has been proceeding and there really isn't any shame at all, except for the DDoSer who clearly is full of shame. Some people are saying SE is lying to us, but can they prove it isn't a DDoS attack? Until they can SE is being honest with us and not hiding anything, which is credible.

I have to wonder what the motivation for the DDoS is, to try and blackmail SE? Most of the time DDoS's have two goals:
1) compromise the data by forcing bugs in the OS or netcode to be exploited
2) lose the target company sales by frustrating the customer base

The latter seems more likely, but as much as I would like to think that, I don't see the payoff. Who wins from this?

What they do at the data center my servers are at, is they just blackhole certain ip address ranges that the DDoS's come from (eg China, Romania, Russia, Ukraine, various VPN's and Tor end points), and it works both ways. If the network operations manager decides that a customer's machine is generating DDoS-like traffic, they will cut the machine off.

[Joe777]

I have to wonder what the motivation for the DDoS is, to try and blackmail SE? Most of the time DDoS's have two goals:
1) compromise the data by forcing bugs in the OS or netcode to be exploited
2) lose the target company sales by frustrating the customer base

The latter seems more likely, but as much as I would like to think that, I don't see the payoff. Who wins from this?

What they do at the data center my servers are at, is they just blackhole certain ip address ranges that the DDoS's come from (eg China, Romania, Russia, Ukraine, various VPN's and Tor end points), and it works both ways. If the network operations manager decides that a customer's machine is generating DDoS-like traffic, they will cut the machine off.

Sadly, DDoS attacks can lack a true motive beyond doing it for kicks. However, some may resort to it to keep others from playing a game or a game owned by a company that pissed them off.

[Texa]

Name one MMO that hasn't been DDoSed, and they likely weren't even worth existing.

I don't play other mmos (cept Wow for a bit when it was new, and I mean "no expansions out yet" new) so I wouldn't know : p.

I agree though, that is directly explaining what happened to their customers is shameful for them. Japan usually makes a point to be as vague as they can when it comes to explaining business issues. Hearing the nitty gritty about major problems isn't something they usually do.

[Mostly_Raxus]

I don't see why they would lie about a DDoS, Square has our money already. they have already come out and said there were problems on their side, the DDoS just made things worse in my opinion. and don't worry in my own experience the DDoS attacks never last longer than a week, they just want to ruin the initial fun of the expansion, they will get bored and move on soon enough... Overall I'm loving the new expansion, one of the best I have ever had the pleasure to play, Good luck to everyone trying to see the content, it will all work out, just have some patience, this is only the beginning! <3

[birdy_reene]

I can believe it, WOW, COD, and LoL servers behave like the SE servers have been when they get ddos'ed

[Slirith]

Uh huh, if it really happened, it would've been a lot worse. Unless the script kiddy was incompetent.