Assassin’s Creed Odyssey, the action role-playing video game set in Ancient Greece, had its launch on Friday disrupted by crippling distributed denial-of-service attacks.
With such large amounts of money spent on the development and marketing of video games, the last thing a publisher like Ubisoft wants is to have a fluffed launch which might tarnish a title’s reputation before it’s had a chance to shine.
Bugs are bad enough, but to have gamers simply unable to play the game you have spent millions developing is disastrous.
As players complained on social media that they were unable to play the game, Ubisoft posted on its online forum that it was battling a wave of DDoS attacks that were swamping its servers:
“We’re currently experiencing a series of DDoS attacks, which unfortunately are a common occurrence for almost all online service providers. This may impact connections to our games as well as server latency, and we are taking steps to mitigate this issue.”
Video game companies are no stranger to DDoS attacks, and you would expect them to be particularly prepared for the possibility of an attack at the time of a major game’s launch.
A recent report issued by NetScout Arbor described online gaming as the top motivation for DDoS attacks, ahead of criminals demonstrating their attack capabilities, and extortion.
DDoS attacks are relatively trivial to launch, and so can be easily initiated by someone who is a fan of a competing game, has a chip on their shoulder against a particularly video publisher or accomplished gaming rival, or simply want to show off their “leet” skills to their online pals.
You don’t have to have a financial motivation to launch a DDoS attack, but that doesn’t mean that they can’t cost organisations a significant amount of money.
Companies which may be at risk of DDoS attack should put additional measures in place to minimise the potential for disruption.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.