So it’s been a while since we checked in with Albion Online. You may remember that since the game launched in 2017, it’s had some problems. Shortly after game fully launched hackers began lobbing distributed denial-of-service (DDoS) attacks against the servers hosting the game and it’s functions. The perpetrators of this attack were thought to be companies and groups involved in making money through Real Money Trading (RMT). And after the developers cracked down on illegal sales on in-game currency, the DDoS attacks started. Things got so bad that those behind the attacks even sent a ransom demand to the server operators to try and extort them.
Here was the initial statement from developers Sandbox Interactive earlier this week:
We recently upgraded Albion’s servers and solved an issue with performance of large-scale fights, unfortunately the problems we are dealing with now are a different beast. They are caused by so called DDoS attacks, which started several days ago and which we’ve been defending against. After some initial problems, we brought up our defenses and successfully defended even against relatively severe attacks. The issues you’re experiencing now are the result of an ongoing struggle between our partner’s DDoS defense infrastructure and our attackers. For the most part we appear to be winning (the game is up after all), but occasionally something slips through and causes these disruptions.
After hours more intermittent downtime and other issues caused by the DDoS attacks, the developer has been steadily trying to keep their MMO online in a desperate struggle. And though a short-term solution of moving to more powerful servers can help, identifying sources and mitigating them will be much more helpful. Problem is, Sandbox is having trouble sorting things out. According to their latest statement:
“The difficulty we’re facing here is that many hosting companies are not too concerned with short term disruptions (as they typically deal with websites that can easily function with temporary connection issues), and fail to understand how crucial a continuous network connection is for a game service as ours.”
The issue with these kinds of attacks is that since they essentially involve sending a huge volume of junk traffic to a target, they’re very easy to perform. Pretty much anything that can send HTTP or DNS requests can be used in these schemes. So everything from IoT refrigerators to home PCs can generate connections that have to be filtered out to accept legitimate users. Services like Cloudflare do exist for this purpose, and CDN services can help expedite content delivery, but the malicious traffic is increasingly hard to mitigate as attacks get more complex.
The current problems with uptime have been pinned down to the occasional malicious traffic which slips through the security infrastructure of the hosting provider. According to the devs, the attacks have largely been shut down. We’ll let you know if anything changes.