February 2018 DDoS Review

DDoS Attacks February 2018

It has been a very busy month here at Streamline Servers, the same can be said for our DDoS mitigation clusters. Below are a few stats we’ve pulled from our clusters which highlight how frequent attacks are in the gaming industry.

Quick Stats:

- Total Number of Attacks: 14,838
- Time Under Attack: 6,039 minutes or 100.65 hours or 4.11 days
- Largest Attack: 18.2Gbit @ 1.2MPPS (NTP Protocol)
- Smallest Attack: 1-2Mbit @ 1020PPS (TSource Engine Query)
- Most Attacks  are short in duration <10m


Statistics For February

The gaming sector, although it is a target of frequent attacks, the majority are very short in duration. Especially when the attacker is unable to cause any harm to the service they are targeting. We see a large number of short quick burst attacks (varying in attack protocol), as the attacker cycles through different vectors.


New Attack Vectors

We are starting to see a rise in application specific (layer 7) attacks targeting our gaming networks. The attack below is a specially crafted attack known as ‘TSource Engine Query’, it is designed to target source engine games such as Counter Strike, Rust, Garry’s Mod etc. It utilises an exploit in the game code which causes the server to physically read and process every packet sent. These attacks are usually high packets per second (PPS) and low volume (Mbit) the average size we see is around 200,000PPS at ~300Mbit.

In the case of this attack, we saw the peak traffic at ~2.2GBit and 3.68MPPS an extremely large attack for the vector used. Our DDoS clusters were able to handle, process and mitigate this attack traffic before it reached its intended target.

It’s not only our network that has seen this rise in new attack vectors, Cloudflare recently posted a blog outlining a new attack vector.

This particular attack leverages a specific port in order to render the target system inoperable. As Streamline Servers runs its own mitigation clusters, it allows us to stay on the forefront of new attacks. We have already put in a new mitigation rule to detect and prevent this attack vector from targeting our systems.


Want to know more about our mitigation systems?
Don't hesitate to get in contact with us today.

Submitted at 01/03/2018, 13:15pm

Updated: at 04/04/2018, 13:16pm

Been read 3821 times

What People wrote...