“Lizard Squad” Knocks Video Game Servers of Blizzard Entertainment Offline
Servers operated by Blizzard Entertainment went down yesterday following a distributed denial of service (DDoS) attack against the video game company,claimed by the Lizard Squad hacking group.
The outage knocked the online function of several games offline, including World of Warcraft, Diablo 3, Starcraft 2, and Hearthstone, the notorious hacking group announced on Twitter. The group revealed attacks against both US and EU Blizzard servers, and suggested in a subsequent tweet that more similar attacks will be coming.
US Blizzard #Offline – WoW #Offline, Diablo 3 #Offline, Starcraft 2 #Offline, Hearthstone #Offline @fbiarelosers @AppleJ4ckxoxo
— Lizard Squad (@LizardLands) April 14, 2016
Although the company did not provide specific details on the affected services or games, Blizzard did confirm the attack, saying that the issue affected connection to games. However, the attack was mitigated fast and services were restored in roughly one hour.
We are currently monitoring a DDOS attack against network providers which is affecting connections to our games. https://t.co/YsDZ0CYdFX
— BlizzardCS (@BlizzardCS) April 14, 2016
On its support forums, the company explained that the attack impacted one of its datacenters but that “engineers put up some buffers to resolve the issue, and realms should start recovering.” Blizzard didn’t provide additional details on the attack, yet some users suggested that the attack might have been orchestrated by the community behind the Nostalrius server, which was shut down recently, despite the lack of evidence to sustain the claim.
The Lizard Squad also claimed to have hacked into an employee’s Outlook account, which resulted in personal info and contact lists with information about other Blizzard employees being exposed.
The hacking group has been associated with a variety of high profile DDoS attacks, a series one against PlayStation and Xbox networks in December 2014, which brought both networks down on Christmas. Operating a DDoS tool available for hire, the Lizard Squad has inspired copycats, including a so-called Phantom Squad that threatened to disrupt gaming networks last Christmas.
Given Lizard Squad’s involvement in DDoS attacks against gaming platforms, it remains to be seen what exactly determined the group to target Blizzard.
As Ofer Gayer, senior security researcher at Imperva for the Incapsula product line, told SecurityWeek that gaming servers are a top target of DDoS assaults. Incidents involving gaming platforms have accounted for some of the largest and longest attacks on recent record, he said.
“Since online gaming platforms are highly sensitive to latency and availability issues, they’re ideal DDoS attack targets. Mitigating DDoS on game servers is a particularly complex task. Gamers are very sensitive to the impact on latency, so what may be considered negligible for most services, can be very frustrating for the gaming community. This can be affected by multiple factors, most prominently the distribution of scrubbing locations and TTM (time to mitigate).
“According to our own research, in the past two years alone, the number of DDoS attacks has actually gone up by 100 percent – that’s twice as many attacks this year as last year and they are increasing in the number attacks and rate of attacks. In just the past three years, 45 percent of gaming sites were attacked, and 75 percent of them will get attacked again, as we’re seeing today,” Gayer concluded.
