Cyber Incident Victim: Grinding Gear Games
Date:
Aug 2014
Location:
United States of America
Summary
A cyber-attack disrupted multiple online gaming services, including Grinding Gear Games, through distributed denial-of-service (DDoS) incidents targeting their servers, causing connectivity issues and service instability. The attacks coincided with a bomb threat that diverted a flight carrying a Sony executive, with a Twitter account claiming responsibility for both actions while referencing Islamic State motives, though conflicting claims emerged from a hacker associated with Anonymous alleging the DDoS was intended to expose security flaws. The FBI investigated the flight diversion, while affected companies worked with internet service providers to mitigate disruptions across platforms such as PlayStation Network, Xbox Live, and Battle.net, which experienced party chat failures and server unavailability.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 4 motives | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On August 24-25, 2014, multiple online gaming platforms experienced distributed denial-of-service (DDoS) attacks, disrupting services for Sony’s PlayStation Network, Microsoft’s Xbox Live, Blizzard’s Battle.net, and Grinding Gear Games. The attacks began on Sunday, coinciding with a bomb threat targeting American Airlines Flight 362 carrying Sony Online Entertainment president John Smedley. The flight, en route from Dallas-Fort Worth to San Diego, was diverted to Phoenix, Arizona, following an online threat alleging explosives were onboard. Smedley had publicly tweeted about Sony’s efforts to combat a “large scale DDoS” attack shortly before boarding the flight. A Twitter account claiming responsibility for the gaming service disruptions posted the bomb threat and linked the attacks to demands for halting airstrikes against the Islamic State (ISIL), using the hashtag #OpISIS and referring to gamers as “kuffar” (non-believers). The same account criticized Sony’s spending priorities, stating the company “isn’t spending the waves of cash they obtain on their customers’ PSN service.” Concurrently, a hacker associated with the Anonymous collective claimed responsibility for the PlayStation Network outage, contradicting the ISIL-linked claims and posting screenshots purportedly verifying their involvement.
Sony confirmed the PlayStation Network outage lasted most of Sunday, while Microsoft reported Xbox Live server unavailability affecting Xbox One multiplayer functionality and Xbox 360 connectivity to Diablo III’s party chat. Blizzard acknowledged Battle.net—supporting Diablo III, World of Warcraft, and Starcraft—experienced DDoS disruptions but noted improved stability after collaborating with internet service providers. Grinding Gear Games disclosed server issues via its Path of Exile Twitter account, attributing them to a DDoS attack and estimating a swift resolution. Smedley confirmed the flight diversion post-landing but declined further details, stating, “Justice will find these guys.” Sony confirmed the FBI was investigating the bomb threat, though no Bureau statement was issued regarding the DDoS attacks. No additional technical specifics, attacker identities, or long-term service impacts were disclosed by the affected companies beyond the immediate incident window.