Gaming is the largest entertainment industry worldwide, with a market worth over $197 billion USD in 2022. The pandemic has caused an enormous 26% surge in growth in 2019 and 2021 as users attempted to break up the monotony of lockdowns and stay close to friends and family. This large and growing industry where cash and data are exchanged online is a draw for nefarious actors.
Gamers tend to trust gaming software with sensitive personal information, allowing them to spend either real money or cryptocurrencies in exchange for in-game valuables. Both types of data are valuable and draw hackers to steal them. Nefarious users have different methods they will commonly use to intercept data that can be resold online or to divert transactions into their accounts.
Some hackers may attempt to find and take advantage of security vulnerabilities to disrupt gameplay. These service interruptions cause damage to a game or a company’s reputation, costing them financially.
Cybersecurity protocols are necessary to disrupt data and currency theft from in-game transactions, prevent attacks on gaming software, and halt malware infections on users’ devices.
Cyber threats come in different forms depending on what the hacker tries to achieve and where weaknesses may lie in gaming software. Here we will describe some common cyber threats and how they affect gamers. Other threats common to software in general exist but are not covered here.
A game mod is a game hack that integrates cheating software into the game itself. While this is possible for any game, this type of cyber threat is most common for small compact game clients like mobile games. It is also relatively common for Windows PC games.
Mods require specialized coding knowledge to be created. Typically they require not only programming language knowledge but also knowledge of compilers and machine code since raw source code is generally not available for use. Mods are sold to users for profit to give them an edge in the game. Especially in massively multiplayer online (MMO) games, the actions taken by mods will affect and frustrate legitimate users who may quit the game, cancelling their subscriptions. The game developers must close loopholes used by bad actors to create mods. Removing these loopholes ensures mods take too much time to build to be profitable.
Destiny 2, a multi-platform MMO game, has been fighting against mod use for several years. Bungie, the maker of Destiny, has banned users who use mods and has even gone to court fighting mods, though it has been unsuccessful in preventing their use in the game. The number of users lost due to players with these mods is likely incalculable. Resulting lawsuits have proved millions of dollars in damages to game maker Bungie.
Personally identifiable information (PII) leaks are a type of cyber attack where valuable personal information is collected and either used or sold. Data can be collected in different ways, including manipulating the forms in a game to collect personal information, attacking data stores holding this information for game users, or taking advantage of developer errors causing exposed data. Collected data may include emails and passwords, credit card information, device information, and other personal and sensitive data.
Mobile games are a particular draw for database leaks since games will often collect data automatically rather than via forms. Studies estimate that 14% of iOS and Android apps using cloud storage are vulnerable to issues that expose PII. In 2020 a gambling app misconfigured an Elasticsearch engine exposing 200 million sensitive records daily for users worldwide. In 2022 Neopets revealed that a data breach was in place for 18 months, exposing the personal information of more than 69 million users.
Like PII leaks, phishing attacks attempt to gain personal information or payments. The attacker will send a message posing as a trusted individual or service requesting personal information. Once collected, information can be sold or used for ransom demands.
Phishing is one of the most widespread cyberattacks used on gamers. Over one year, one security solution detected over 3.1 million phishing actions in online games, generally targeted at acquiring user credentials to take over gaming accounts. Games targeted include big titles like Grand Theft Auto, where a website offering generation of in-game rewards was set up to collect credentials.
Game accounts often have access to payment information which can then be stolen, or if the gamer is one of many who reuses passwords, the hacker may be able to use credential stuffing on other sites to steal more valuable information. Credential stuffing is a cyberattack method where stolen credentials are used to breach other systems.
A distributed denial-of-service (DDoS) cyberattack aims to overwhelm regular server traffic, slowing or blocking legitimate connections. These attacks can be launched against game servers, blocking connections for many users, or targeted against personal devices, disrupting a single user. The motivation behind each of these cyberattacks is different and requires different data.
DDoS attacks on individuals cause the user’s online gaming system to become slow and unplayable. This is generally done to gain a competitive advantage over the attacked user. The attacker requires the IP address of the individual, which can be acquired with malware. DDoS cyberattacks on online gaming platforms like PlayStation Network and Xbox Live leave users unable to play networked games. This occurred in 2014 when a hacker group took down both PlayStation and Xbox networks.
Some PC and mobile games pose a significantly more severe danger to users’ online and personal security because of hackers or bad developer security. Devices may become infected with malware (malicious software) intending to steal data after downloading the wrong file or an infected program.
Downloaded games can become infected with malware after a hacker injects malicious code into a legitimate game, or bad actors can create a fake application that is simply a shrouded virus. This is especially common when downloaded from torrent sites but is also possible with mobile games. Minecraft is one of the most malware-infected PC games after malware was detected on over 3 million PCs between 2020 and 2021.
Cyberattacks are successful when there are failures in cybersecurity in gaming software or when users are tricked into giving away valuable information. Game developers should understand the importance of including cybersecurity when developing and maintaining games to ensure data is kept safe and the game continues to function as expected. Including cybersecurity protocols in all aspects of the game and observing game data reduces the risk of successful cyberattacks.
Security should be one of the priorities considered when designing and building software. Code reviews and design discussions should include identifying security loopholes and potential exploits so they can be closed before writing code or putting code into production. Apply best practices to game development, like practicing threat modeling and running static analyses.
Relevant monitoring data should be collected from the software. This data can be exported to an observability tool to monitor for security issues. When dynamic alerting and automated incident response are available, teams can respond to cyber threats quickly, reducing the number of impacted users.
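As an added example (not part of the original article), this sketch shows the kind of alert rule such monitoring data can feed: it flags a source address that fails logins against many different accounts in a short window, the pattern credential stuffing leaves in authentication logs. The event format, addresses, usernames and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample events: (epoch_seconds, source_ip, username, success)
SAMPLE_EVENTS = [
    (1000, "198.51.100.7", "alice", False),   # one player mistyping a password
    (1010, "198.51.100.7", "alice", False),
    (1025, "198.51.100.7", "alice", True),
    (2000, "203.0.113.50", "bob", False),     # one source, many accounts
    (2003, "203.0.113.50", "carol", False),
    (2006, "203.0.113.50", "dave", True),
    (2009, "203.0.113.50", "erin", False),
    (2012, "203.0.113.50", "frank", False),
    (2015, "203.0.113.50", "grace", False),
    (3000, "192.0.2.44", "heidi", False),     # sparse failures, hours apart
    (9000, "192.0.2.44", "ivan", False),
]


def find_credential_stuffing(events, window_s=300, min_users=5):
    """Flag sources that fail logins for >= min_users distinct accounts
    within any window_s-second span.

    Returns {ip: {"failed_users": set, "succeeded_users": set}}. Accounts in
    succeeded_users logged in from a flagged source and are candidates for a
    forced password reset and session revocation.
    """
    recent = defaultdict(deque)    # ip -> failures still inside the window
    successes = defaultdict(set)   # ip -> accounts that logged in from it
    flagged = {}
    for ts, ip, user, ok in sorted(events):
        if ok:
            successes[ip].add(user)
            continue
        window = recent[ip]
        window.append((ts, user))
        while ts - window[0][0] > window_s:   # drop failures older than window
            window.popleft()
        users = {u for _, u in window}
        if len(users) >= min_users:
            flagged.setdefault(ip, set()).update(users)
    return {ip: {"failed_users": users, "succeeded_users": successes[ip]}
            for ip, users in flagged.items()}


if __name__ == "__main__":
    for ip, hit in find_credential_stuffing(SAMPLE_EVENTS).items():
        print(ip, sorted(hit["failed_users"]), sorted(hit["succeeded_users"]))
```

Counting distinct accounts rather than raw failures keeps a single player who mistypes a password from triggering the rule.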
Ensure any passwords stored are protected and encrypted. Authentication methods should be secure using methods like two-factor authentication to protect against cyberattacks like credential stuffing and brute force.
Infrastructure in gaming includes databases, networking, and servers (cloud or local) that run code. Code should use principles of least trust to limit the scope of any attacks through servers. Place protection on endpoints against DDoS attacks, so the game experience is not interrupted. Ensure databases are encrypted at rest and secure, especially when personal information is stored. Wherever possible, separate data into different storage locations so breaches are limited in scope.
Run security exercises against your game to identify potential attack vectors. Pen testing and red teaming are valuable exercises to find and close security vulnerabilities in production.
Engage with users where possible. Educate them about phishing attacks and ensure clear communications about what data your game could request from them. Inform them when phishing attempts are known to be occurring, so they are less likely to be caught. Encourage strong passwords and inform users to avoid reusing passwords across different applications.
Personal data is precious. Bad actors will attempt different ways to acquire this data to sell directly or use it for nefarious purposes. Phishing attacks, malware installations, DDoS attacks, exploiting PII leaks, and game mods are all common ways hackers might attempt to steal information or disrupt the gaming experience.
Software designers, developers, and DevOps teams must be diligent and recognize the importance of cyber security in all facets of their game. Security should be built into the development process and infrastructure creation. Users should be informed about how to keep their data secure. Lastly, internal data should be monitored for potential security risks, ideally with an observability solution that will inform teams of security issues early.