Square Enix has been dealing with a prolonged attack against Final Fantasy XIV which has been going on for almost a month.
During the ongoing attack, Square Enix has said that it has kept the attack contained and attempted to keep the impact to the player at a minimum. That doesn’t mean that it had gone away though. In an announcement, the publisher confirmed that the North American data centre was still being hit with the attack.
When the attacks first started, the DDoS targeted the actual game servers in the data centre which were mitigated. Once that happened, the target became the ISP’s that fed the data centre with connections.
Since July the attacks have shifted away from the FINAL FANTASY XIV game servers and the target has changed to focus on the upper-tier internet service providers (ISPs) that are required to connect to the data center. These attacks to the upper-tier ISP network are causing lapses in communication to the game servers, giving rise to instant disconnects during logins.
Because we can no longer combat the situation on our own, we have been in contact with the upper-tier ISPs, who have then been taking defensive measures sequentially on their end.
The steps to address the attack have been effective in preventing the Final Fantasy XIV servers from being overly affected but Square Enix explained how they are aware that the changes do not mean it is necessarily the end of the attack.
There is the possibility that the attacks could occur again. Therefore, we will seek to strengthen our cooperation with the upper-tier ISPs and continue observing our defenses.