Cyber Incident Victim: Activision Blizzard
Date:
Aug 2014
Location:
United States of America
Summary
A cyberattack involving distributed denial-of-service (DDoS) disruptions targeted multiple online gaming platforms, including Activision Blizzard's Battle.net service, causing widespread server instability and connectivity issues for titles such as Diablo III, World of Warcraft, and Starcraft. The incident coincided with a bomb threat against a Sony executive's flight, which was diverted following online warnings from a Twitter account claiming affiliation with Islamic State militants and criticizing corporate practices; however, conflicting claims emerged as another hacker associated with Anonymous asserted responsibility for the PlayStation Network outage, citing motives to expose security vulnerabilities. Service providers worked to mitigate the attacks, with some stability restored, while law enforcement investigated the flight diversion.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On August 24-25, 2014, Activision Blizzard's Battle.net online gaming service experienced a distributed denial-of-service (DDoS) attack that disrupted access for users of World of Warcraft, Starcraft, and Diablo III. The attack formed part of a broader campaign targeting multiple gaming platforms simultaneously, including Sony's PlayStation Network, Microsoft's Xbox Live, and Grinding Gear Games' Path of Exile servers. Battle.net's infrastructure was flooded with malicious traffic designed to overwhelm its systems, causing server instability and connectivity issues. Xbox 360 users attempting to access Diablo III's party chat feature encountered specific disruptions due to Battle.net's compromised state. Activision Blizzard acknowledged the attack publicly, confirming their internet service providers (ISPs) were collaborating to mitigate the traffic surge. Service degradation occurred throughout the weekend, with the company working to restore stability amid ongoing attack waves.
The incident coincided with a bomb threat that diverted American Airlines Flight 362 carrying Sony Online Entertainment president John Smedley, who had tweeted about combating DDoS attacks prior to boarding. A Twitter account claiming responsibility for the gaming service disruptions also posted the flight threat, citing opposition to Western military actions against ISIL (Islamic State) and criticizing corporate greed. However, attribution remained unclear as another hacker linked to the Anonymous collective separately claimed responsibility for the PlayStation Network outage. Activision Blizzard focused on technical remediation without publicly addressing the perpetrators' motives or identities. The FBI initiated an investigation into the flight diversion incident, though no law enforcement statements specifically referenced the Battle.net attack. Microsoft's Xbox Live services faced parallel disruptions during the same timeframe, with connectivity issues persisting across multiple platforms despite mitigation efforts by affected companies.