Data is the lifeblood of the iGaming business and uptime is the measure by which we can analyse whether it is being adequately protected. Unfortunately, the iGaming sector is a high-profile target for attacks and as a result, they take place daily.
Ross Gavey, Head of Data Centre Sales for Team Alderney member Sure International, says that those companies that choose their hosting partners wisely are the ones that will stay protected, no matter how frequent or ferocious the level of attack.
In reality, the iGaming sector isn’t just a high-profile target for attacks, it is in fact, the most targeted industry when it comes to distributed denial of service attacks. In its State of the Internet Report, Summer 2018, Akamai confirms that the gaming sector continues to suffer more than every other sector when it comes to DDoS and sadly, it is disgruntled customers who cause the majority of disruption.
“The gaming industry has continued to be the single largest target of DDoS attacks that Akamai defends against. The majority of these attacks appear to stem from the people using systems affected by the attacks. In other words, it's mainly gamers attacking the sites out of frustration or hoping to gain an edge on their competitors.”
Volume is down but effectiveness is up
The same report also provides evidence that after a lull, the size of attacks is once more on the increase, with the median size of attack in the months to April 2018 being 1287Mbps, compared to 782Mbps in the run up to January this year.
Add to this the fact that targets are rarely attacked only once. In fact, once the subject of a first DDoS effort, a business can expect to be attacked a further 40 times, so there is no solace to be found in expecting a single attack to be the full extent of the problem.
As the size of DDoS attacks goes up, readers will be pleased to know that the number of ransomware attacks is on the decline, by almost a third according to the McAfee Labs Threats Report, June 2018. However, before security professionals break open the champagne, the downside to this news is that the latest generation of ransomware attacks are more highly targeted and effective than before.
Unfortunately, deployment methods are also evolving, with the group behind GandCrab, one of the newest ransomware applications, using a Ransomware as a Service partnership model, thus making attacks more accessible to a wider range of bad actors.
A holistic approach to security
Ransomware is particularly interesting because most attacks employ a mix of technology and social engineering, making it necessary for iGaming companies to employ a holistic approach to protection that includes staff education as well as technologies.
As leading iGaming jurisdictions, Guernsey and Jersey have the world-class data centres needed to host real-time gaming operations and at Sure, we’ve developed our data centre facilities to ensure they provide the right, ever-evolving protection for the iGaming sector.
Against DDoS attacks, we’ve deployed Arbor DDoS protection. This system secures the high bandwidth gateways at the network’s edge and keeps malicious data far from the core and our clients’ systems.
Above this, we’ve deployed an integrated high capacity Off-Net cloud-based solution powered and managed 24/7 by Arbor. It is capable of mitigating attacks in excess of 1Tb/s, given the current median size of attack is 1287Mbps, this is more than capable of thwarting the most determined of efforts.
When it comes to ransomware, our partnership with email security specialists, Mimecast, comes into its own. Offering attachment sandboxing, URL protection, impersonation protection, internal email protection and a constant programme of education and testing to ensure staff are always on the alert for phishing emails that could trigger a ransomware attac. Mimecast’s cloud-based email protection service is world leading and has found its place in the Gartner Magic Quadrant.
Sure’s unique dual-island data centre network also provides the physical resilience that every iGaming operation needs to ensure its operations will continue unaffected, no matter how fierce an attack. Companies continue to choose the Channel Islands and Sure because it’s clear that we are serious about iGaming, know what we’re doing and perhaps most importantly, we’re here for the long-term.
This article first appeared in the iGaming Business 'Fraud and ID Verification Focus,' September 2018