Online gaming company recounts fighting for survival vs. DDoS attacks

Fighting denial-of-service attacks has become a matter of survival for some businesses that find their websites getting smashed and network flooded by attackers. Online gaming company SG Interactive says it's under constant attack and the only way to keep going is to set up an anti-DDoS defense.

"It was crushing our firewall, and then the attacker changed the pattern a few days later with a DNS recursive attack," says James Kim, senior systems engineer at Irvine, Calif.-based SG Interactive, which operates Web servers and applications that provide online games such as Pangya, MMORPGTrickster Online and

[ RELATED:DDoS attack against Spamhaus overhyped says website watcher Keynote]

In recounting the DDoS attacks that have become commonplace over the last few months, Kim notes there were SYN floods that oversaturated the network, coming two or three times per day, sometimes lasting up to 12 hours. At one point it seemed to reach almost 5Gbps in attack traffic, he says, negatively impacting online game players.

And as to why it was happening, Kim can only speculate, wondering if a competitor had a grudge of some kind. But the DDoS attacks were threatening the survival of the online gaming business.

After a review of the some of the anti-DDOS gear on the market, SG Interactive installed the Corero Network Security gear last March to scrub traffic. It's managing to prevent unwanted traffic from killing the online gaming business, but the DDoS attacks haven't ended, Kim says. "Someone is not giving up," he adds.

Other vendors offering anti-DDoS gear include Arbor Networks, Radware and Prolexic, which has both a hardware and services component. Prolexic today provided tips on how companies may want to validate their DDoS defenses.

According to Prolexic:

  • Test small amounts of traffic without scrubbing and without any DDoS protection to validate that your on-premise monitoring systems are functioning correctly. This action will also help you identity the stress points on your network.
  • Make sure a "mitigation playbook" is part of your incident-response plan.
  • With the anti-DDoS mitigation in place, test to make sure your applications are working properly.
  • Verify that all routing and DNS is working.
  • Even if there is no sign of a DDoS attack for a long period, test regularly to validate the configuration that was set up is still working correctly - and eliminate the risk of a network element failing due to a DDoS attack.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email:

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags DDoS attacksSpamhaussecurityonline gamingonline gaming securitylegalSG Interactivecybercrime

More about Arbor NetworksArbor NetworksIDGInteractiveRadware

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place