The esports team T1, known for 'League of Legends (LoL),' has appealed for assistance in blocking Distributed Denial of Service (DDoS) attacks against its players, drawing attention to the evolving hacking techniques. A DDoS attack refers to a cyber assault where hackers flood a server with excessive traffic, incapacitating it. The IT industry expects an increase in indiscriminate DDoS attack cases this year as well.
Kim Jung-kyun, T1’s head coach, noted during a press briefing for the '2024 League of Legends Champions Korea (LCK) Cup' held at LoL Park in Jongno District, Seoul, on 8th, that "DDoS is not something our team can address. (Riot Games) needs to solve it." T1 halted their streaming broadcasts last year after ongoing DDoS attacks on player streams. Although they resumed broadcasts in December, they abandoned them again after the DDoS attacks restarted.
DDoS attacks have not appeared recently; they have been around since the 1990s as traditional cyber assaults that generate large-scale traffic using infected devices to deplete server resources or network bandwidth. The method is straightforward, but when a server is incapacitated and services are interrupted, it can not only diminish trust in the affected companies but also incur financial losses.
Not only T1’s player incidents from last year but also the number of hacking cases affected by DDoS attacks has increased. According to reports submitted to the Korea Internet & Security Agency (KISA), the number of DDoS attack incidents rose by 23% compared to 2023. In November last year, national courts were paralyzed for nearly two hours due to a DDoS attack. Along with courts, attempts to hack public institutions have continued, raising awareness about cyber terrorism.
It is challenging to devise defensive solutions against attacks because hackers are employing new techniques. T1's case was also difficult to prevent due to the changing nature of the DDoS attacks that occurred in January and June last year. According to KISA, recent attacks have involved exploiting network equipment such as routers to create large-scale network traffic, incapacitating servers or leaking data. Additionally, tools for DDoS-as-a-Service are being sold on the dark web, allowing anyone to attempt DDoS attacks.
The security industry has warned that indiscriminate DDoS attacks targeting government, public, and private corporations will continue this year. To prevent DDoS attacks, it is crucial to monitor traffic, block abnormal requests, or increase server capacity to prepare for attacks. A security industry official stated, "We expect an increase in DDoS attacks targeting small and medium enterprises that do not monitor internet services," adding that "It is important to increase investments related to information protection and to prevent attacks before they occur."