Xbox Live has been DDoSed again, bringing back memories of the dramatic attack waged against Microsoft and Sony’s PlayStation Network in 2014. This time, the hacking group that attacked Live goes by the name “Phantom Squad,” a copycat of the 2014 Lizard Squad.
ARS Technica reported on December 18 that Xbox Live users experienced difficulty logging into their accounts during the night of December 17. By the time ARS Technica published their story, the Xbox Live network was fully functioning. These difficulties occurred after a series of threats made by the Phantom Squad Twitter account, threatening to go after “PSN and Xbox Live. . .Companies that have millions of dollars. . .and don’t bother on working on security.” In another tweet, the group said, “PSN and Xbox don’t use that money to improve their security. . .So until they open their eyes Xbox Live and PSN will remain Vulnerable.”
After Xbox users began reporting difficulties logging into their Live accounts, Phantom Squad took to Twitter again, threatening Sony, “PSN is next. . .RT if you don’t want this to happen.” Although Sony received multiple threats from this group, PSN has not experienced any downtime.
The Xbox Live team at Microsoft responded to this situation quickly, issuing a statement on its support site:
“Hey Xbox members, are you having trouble purchasing or managing your subscriptions for Xbox Live? Are you also having an issue with signing into Xbox Live? We are aware of these issues and are working to get it fixed ASAP! Thank you for being patient while we work. We’ll post another update when more information becomes available.”
At press time, the support site lists all Xbox Live services as functioning normally.
This apparent DDoS attack is a symptom of a much larger problem: a lack of decentralization. Microsoft hosts all of its Xbox Live services on centralized servers, giving hackers a single target to aim for in their attacks. Although PSN has not experienced any difficulties from Phantom Squad thus far, it is still just as vulnerable as Xbox Live, since it also runs on centralized servers.
If companies like Microsoft and Sony are serious about preventing DDoS attacks, they should consider investing in and implementing the blockchain or other decentralized technologies. Perhaps they would be able to devise a system of smart contracts hosted on the Ethereum network that would manage their gaming services in a decentralized manner. Or, if the blockchain didn’t suit their needs, Microsoft and Sony could develop an alternative node-based solution similar to TOR or meshnets. Instead of having all their devices communicate with centralized servers, each game console could act as a node, and the consoles could connect to one another to form a decentralized gaming network.
With this kind of technology, Xbox Live and PSN would be virtually invincible against DDoS attacks. Hackers could take out a handful of players, but the network would remain operational, and any difficulties would be minor annoyances for individuals rather than everyone on the network. Maybe this latest attack will push Microsoft and Sony to explore alternatives to their centralized servers. Only time will tell.
Do you think decentralization could stop DDoS attacks like this? Let us know in the comments below!
Source: ARS Technica
Images courtesy of Microsoft