Spectators having a good time is not dependent on the weather, as in conventional outdoor sporting events, but on the servers working without a hitch. Should they go down due to DDoS attacks, it may lead to financial or organizational issues, or even to the rescheduling of entire events.
What started out as a pastime for nerds has in recent years become a massive industry that generates millions in revenue. Newzoo´s “2017 Global Esports Market Report” prophesies that esports will be a $1.5-billion global industry by 2020. According to the analysts, the Esports Economy grew to $696 million in 2017, an increase of 41% over the previous year. In terms of revenue, Western Europe is the second-largest region worldwide, expected to increase to $279.8 million by 2020 from $151.3 million in 2017. The reasons for this significant growth lie in a professional organizational structure, excellent marketing and massive sponsoring efforts by big-name groups of investors. Esports has attracted a large number of sponsors such as Intel, Audi, Red Bull and T-Mobile, to name a few. The soda giant Coca-Cola sponsors one of the largest esports competitions on earth, the League of Legends World Championship. Many major soccer clubs, such as Paris Saint-Germain, West Ham or Manchester City, have created their own esports teams in recent years. The esports scene also found its place in the TV market in recent years, garnering new audiences. In 2016, Sky and ITV started airing UK´s first 24-hour esports TV channel, Ginx esports TV.
Elaborate pre- and post-game commentary helps the uninitiated follow games, and organizers can build a broad audience. Like other sports, esports greatly rely on popular faces. The hottest gaming stars can count on lucrative contracts. Just in September, a 17-year-old North-American gaming pro signed a guaranteed 1-year, $150,000 contract for playing Overwatch.
Due to the sector’s increase in popularity and high cash prizes, esports is also a popular target for criminals. The esports scene’s biggest events can be hit by DDoS attacks, bringing security aspects to the forefront. Cyber-attacks on big events mean massive financial risks and are a threat to the sport’s reputation. If competitions are interrupted by disconnects, lag or slow loading times, neither the teams nor the spectators get their money’s worth.
Since 2015, tournaments of any size and all types of game have been hit. In the last couple of years, mainly Hearthstone tournaments and the Dota 2 world championship were victimized, and several national Dota 2 Challenger Series were targeted by DDoS attacks. Also hit were numerous Counterstrike tournaments and small events with small prizes. The worst-case scenario for a DDoS attack is that an event must be rescheduled or canceled if the organizers can’t handle the situation. In the case of the Dota 2 world championship, the competition could only resume after several hours.
There is a variety of reasons for DDoS attacks in the e-sports sector. As with any other sport, there is high-stakes betting. DDoS attacks can be used to influence and fix matches. League of Legend players going offline for longer than 10 minutes are automatically blocked. Instead of paying off judges, fraudsters can fix matches by overloading specific servers.
Competitive advantage also plays a role in the e-sports sector. 5PLUS50K12, the winning team in this year’s Deadman Autumn Invitational, a competition with a cash prize of 20,000 US dollars, was retroactively disqualified because its members were accused of creating their own botnet and running attacks against their competitors. Hundreds of thousands of spectators followed the finals on the event’s official Twitch channel. The Dota 2 player Joao Paulo de Araujo was barred for two years by the Esports Integrity Coalition (ESIC) for using DDoS attacks.15
DDoS protection for more fairness in e-sports
In the e-sports industry, security measures are increasingly important, mainly during tournaments. Organizers face several technical challenges: the IT infrastructure must be permanently available and have high scalability. Latency must be kept to a minimum. An important step in safeguarding gaming events is professional protection for servers against DDoS attacks employing UDP floods. UDP is a connectionless protocol with little overhead, making it highly suitable for high-speed digital games. An attacker will exploit the exchange of packets via unprotected connections for DDoS attacks. Using IP spoofing, they will act like the gaming server and submit an excessive number of packets or very large packets to the target with the intention of overloading it. Containing information on typical behavior patterns associated with a specific game, a DDoS filter can automatically refine its algorithms – for example, in terms of the number and size of packets. If there is a significant deviation from these parameters, the protection solution will recognize the anomaly and start additional analyses that involves, among other tasks, checking the packets’ contents and blocking unwanted traffic before it even reaches the servers.