Cybersecurity for the gaming industry is a necessity
The gaming industry is an exceptionally attractive target for cybercriminals; therefore, and effective cybersecurity solution is essential for them.
The global gaming market is immense. Newzoo, a leader in the field of video games and gamer data, forecasted in 2020 that the gaming market would grow to nearly US$ 190 billion in 2021, up from US$ 137.9 billion in 2018. It further stated that 2023 would mark a major milestone for this market, with the global number of gamers exceeding 3 billion, representing a CAGR of +5.6% (2015-2023), with the vast majority playing on mobile devices.
Cloud technology has fueled the growth of the cloud gaming market. According to market research by Brandessence, this market is likely to grow to US$ 7.382 billion by the end of 2028.
The data collected by gaming companies is of extremely high value to them. As explained by EY, this data improves their understanding of player behaviors, enables them to personalize and redesign their games to make them more engaging, and allows them to create targeted in-game advertisements.
The immense amount of personal and credit card data collected by gaming companies has not escaped the attention of cybercriminals looking for easy financial gain, or for a way to use stolen data to perpetrate various attacks on various organizations or individuals.
Business Research Company estimates that the in-game microtransactions market (the purchase of in-game tools, character upgrades, etc.) will be worth more than US$ 106B by 2026, with a CAGR of 11.9%. As the payment methods of many gamers are linked to their accounts, these constitute an attractive target for cybercriminals looking to gain access to payment information.
The gaming industry is a more attractive target for cyberattackers than the banking industry
The number of gamers worldwide is expected to be more than 3B in 2023
Increased risks justify cybersecurity for the gaming industry
According to Akamai, the gaming industry is a more popular cyberattack target than banking!
Cybercriminals launch attacks against online gaming companies for financial gain, however they achieve this goal also by stealing gaming accounts, and not only through theft of personal information and credit card data. Gamers put a great deal of effort into building their game characters and purchasing goods; gaining control of such accounts enables the account buyers to play at a higher level, benefitting from what the original gamers had already gained, while sparing themselves the effort the gamers had invested.
52% of survey respondents have had one or more of their accounts hacked
(DreamHack & Akamai)
70% of survey respondents have seen hacked accounts offered for sale online
(DreamHack & Akamai)
A 2020 survey conducted by DreamHack and Akamai among 1,200 gamers revealed that 52% of the respondents have had at least one of their accounts hacked, and 70% have come across hacked accounts being sold online.
In its 2022 State of the Internet (SOTI) report, Gaming Respawned, Akamai further shared that it had tracked 821,648,208 web application attacks in the gaming industry from May 2021 to April 2022, representing an annual increase of 167%.
The vulnerability of gaming sites is compounded by the fact that gaming developers do not place sufficient emphasis on security; their primary concern is speed and quantity in releasing games.
Attacks that ACID’s cybersecurity for the gaming industry addresses
ACID Technologies’ cybersecurity solution for the gaming industry addresses a wide range of threats, including the following main ones:
- Web application and API attacks – according to Akamai, since January 2021, the top three web application attack vectors targeting gaming were LFI (Local File Inclusion) – 38%, SQL injection – 34%, and XSS (Cross Site Scripting) – 24%. The company further stated that since April 2022, web application and API (Application Programming Interface) attacks were the largest attack category, and continue to increase in volume.
- DDoS attacks can adversely affect gaming performance, or even prevent gamers from playing altogether. According to Akamai’s 2022 State of the Internet (SOTI) report, gaming is the industry most affected by this type of attack, incurring 37% of all global DDoS attacks, almost twice as many as in the financial services vertical.
- Malware and phishing attacks are often perpetrated together in the gaming industry, where gamers are tempted with an advantageous “cheat” and unwittingly install malware and ransomware. Inventory and characters can also be stolen through a phishing attack.
- Credential stuffing attacks – to give an idea of the extent of the problem, Akamai has revealed that in the 17 months ending in March 2019, hackers had carried out 12 billion credential stuffing attacks against gaming websites.
- Ransomware attacks – cybercriminals are known to put “hacks” and other virtual good up for sale. Unbeknownst to the gamers buying them, these are actually Trojan horses intended for ransomware.
The importance of cybersecurity for the gaming industry with respect to regulatory compliance
As gaming companies collect vast amounts of personal information and payment credentials, they are required to abide by strict regulations, including:
- Payment Card Industry Data Security Standard (PCI DSS), which applies to every business that stores, processes or transmits cardholder data.
- GDPR (General Data Protection Regulation) – a pan-European data protection law that requires organizations to manage data appropriately. Failure to comply with the GDPR places them at risk of heavy fines of up to 4% of their global annual turnover, or 20 million euro – the higher of the two.
Examples of gaming industry attacks that could have potentially been avoided with an effective cybersecurity solution
Examples of attacks highlighting the justification for implementing cybersecurity measures in the gaming industry are presented below.
- “Icebreaker” campaign: Since September 2022 and into 2023, a social engineering “Icebreaker” cyberattack campaign has been targeting the gaming and gambling industries. According to The Hacker News, the threat actor poses as a customer while initiating a conversation with a support agent of a gaming company under the pretext of having account registration issues. The adversary then urges the individual on the other end to open a screenshot image hosted on Dropbox.
- Rockstar: 3GB of video footage from the Rockstar Games company’s GTA6 edition of the ‘Grand Theft Auto series, which had not yet been released at the time was shared on the GTAForum in September 2022, as reported by SOC Radar. The attackers claimed to have stolen the complete source code for GTA5 and the early GTA6 source code.
- NVIDIA: Also in 2022, the graphic card manufacturer was targeted by the Lapsus$ group. According to SOC Radar, the group claimed to have stolen 1TB of data in the attack, and in response, asked NVIDIA to open-source GPU drivers and remove all restrictions on cryptocurrency miners.
- Electronic Arts (EA): In June 2021, Infosecurity reported that hackers staged an attack against EA, a global leader in digital interactive entertainment headquartered in the USA. The attack was detected when the hackers published blog posts on underground hacking forums offering 780 GB of data for sale. The stolen data included the source code for FIFA 21 and code for its matchmaking server, as well as source code and tools for the Frostbite engine, which powers the popular game Battlefield, among other EA games. The hackers also gained access to proprietary EA frameworks and software development kits; however, it seems that they did not steal any of EA customers’ personal data.
The benefits of ACID’s cybersecurity for gaming companies
Gaming companies failing to protect themselves adequately from cybercrimes place themselves at risk of great financial loss – both directly, and as a result of fines due to non-compliance with regulations and standards. They are also at risk of great harm to their reputation.
ACID offers an exceptionally cost-effective solution for online gaming operators: It deploys clusters of bots and implements advanced AI algorithms in order to detect the first signs of an attack in the clear, deep and dark web, as well as in multiple other sources, as early as in its initial planning phase. Once such signs are detected, ACID alerts the targeted company in real time, providing all the available information – including screenshots of threats detected on the dark web and deep web, which clients may be reluctant or incapable of accessing themselves. ACID continues to monitor the sources, using client-specific keywords in several languages, and provides updates with any additional data as it becomes available. While ACID continuously monitors a great number of sources, if the client wishes to include additional ones in the search, we are happy to oblige.
Additionally, ACID conducts widespread monitoring activities to detect any hacked accounts that may be offered for sale, indicating that a company has already been breached, to enable it to take appropriate action.
ACID’s state-of-the-art solution provides real-time alerts to cyberattacks waged against gaming companies, even as early as in their planning stage. The initial information provided, and the subsequent updates, enable the targeted companies to implement effective countermeasures, and maintain business continuity and profitability.