SquareEnix updated the FF14 community about the Distributed Denial of Service (DDoS) attacks that have been targeting their North America data centers since mid-June. These attacks started at the time of the FF14 launch of the Stormblood expansion by a “third-party”. The result of these attacks is that players could be disconnected without warning while playing. Since these attacks occurred the SquareEnix team was able to take defensive measure and greatly reduce the effect of the attacks to their players. Great news right? Well this third-party adapted.
Now the attackers have went one layer up on the network and are attacking the Internet Service Providers (ISPs) that connect the data centers to the Internet. This is causing large “lapses in communication to the game servers.” This is out of SquareEnix’s control but they have been working with their ISPs to implement defensive measures to address the issue.
While this incident is terrible for FF14 players and for SquareEnix, and without getting into motivations of this specific incident, lets look at this as a larger picture. SquareEnix is a large company that’s been around for a while and even it can be hindered by third-party DDoS attacks. If a smaller company launched their first major title such as an MMORPG they might not have the proper resources to defend themselves. Maybe a competitor is stealing market share so they launch some attacks on their competitors. What about a hacker who gets banned? They were already willing to hack and now that they’ve been banned so what’s stopping them from finding a bot network online and using it for a DDoS attack against the game company that just banned them? Getting a hold of malicious software online isn’t that difficult if you’re willing to accept the risks, we may be seeing a lot more of this in the future. The real tragedy behind this is people just want to log in, play their game, and have fun. It only takes one idiot to ruin that.