Now with over three million users and 3,000 games in its lineup, Indiegala is a major online gaming distributor. Based in Rome, Italy, the company’s home page advertises that “your personal data is protected by the durability and reliability of a platform designed by Google, the number one internet company in the world.”
Since Indiegala’s founding four years ago, however, web threats and DDoS attacks have increased in their sophistication. This is confirmed by our Q4 2015 Global DDoS Threat Landscape Report.
“Today’s website operators, particularly in the e-commerce and gaming industries, face complex security threats such as automated bot access, malware injection and DDoS attacks on a daily basis,” said Marc Gaffan general manager for the Incapsula service at Imperva.
While Indiegala CEO Riccardo Rosapepe felt confident in the gaming site’s basic security platform, he knew that his company’s web application security needed bolstering.
“Due to the competitive nature of our business, we had to assume that at some point we would become the target of a malicious attack that could disrupt our business. While we felt confident that Google Cloud minimized the risk of large network level DDoS attacks taking down our website, we still needed web application security to protect us against targeted attacks looking to compromise our clients’ account information as well as our own business assets.”
Read the case study to find out why Indiegala chose Incapsula to protect its website.
Why online gaming is vulnerable to DDoS attacks
In February, we hosted Combating Threats and Vulnerabilities in Online Gaming, a webinar featuring journalist Charlie Hall and Product Marketing Manager Nabeel Saeed. In it, they discussed why gaming companies are susceptible to DDoS attacks and what they can do to protect their infrastructure and customers.
Single Point of Failure Gaming has shifted to an online model where gamers expect uninterrupted connectivity—both in massively multiplayer online (MMO) and single-player experiences. From a security perspective an always-available, centralized gaming platform introduces a single-point-of-failure (SPOF). DDoSers in their attempts to achieve instant notoriety gravitate toward gaming servers because a SPOF lets them wreak havoc on their targets.
Pushing the right buttons DDoSers exploit the emotional investment gamers have toward their games, often a connection to a character, fictional worlds, or user scores and competitive statuses. Gaming is a strong emotional experience for its fans, and any interruption evokes a passionate response. The scale of online conversations centered around DDoS attacks on games shows how important games are to their players.
Combating DDoS threats
After conferring with security experts, Indiegala chose Incapsula to protect its gaming platform. The company’s initial evaluation assured Rosapepe and his team that Incapsula could protect its assets from all types of internet threats. He also witnessed how Incapsula accelerated gamers’ interactions, while letting his team create custom security rules to thwart IP requests that exceed established rates.
Indiegala’s investment quickly paid off when it was targeted by a pair of large DDoS attacks. Because its operations were fully protected, however, Indiegala was unaware of the assaults until its team reviewed its reports in the Incapsula portal. More importantly, Indiegala’s gaming community enjoyed full access to the site and uninterrupted gaming. Rosapepe said of the attack,
Our visitors had no perception of the DDoS attack and no one here even realized we were under attack until we saw the traffic statistics on Incapsula.
You can read the complete Indiegala case study. If you’d like to find out more about protecting gaming servers, you can check out our ebook Incapsula Guide to Protecting Gaming Servers from DDoS Attacks.