
Insight into Increasing Cyberattacks on the Gaming Community
Why Is the Gaming Industry the New Favorite Amongst Cybercriminals?
Cybersecurity has evolved into a game of wits where hackers and defenders continue to outwit each other. But of late, hackers have gravitated to areas where exploiting loopholes in cybersecurity can earn them money or entertainment, or trigger political issues, and much more. As COVID-19 has given the gaming industry a major boost in earnings, hackers have made this sector their new favorite for potential attacks. The latest research from cybersecurity firm Akamai claims there were 10 billion attacks on the games sector between July 2018 and June 2020. The research also found that the gaming industry suffered 152 million web application attacks. In the report, “Gaming: You can’t solo security,” which forms part of a wider series on the state of internet security, Akamai and gaming lifestyle festival DreamHack noted in particular that the volume of attacks had ramped up during COVID-19 lockdowns.
According to this report, the attackers used a method called credential stuffing to gain access to games and gaming services, using lists of username and password combinations that were stolen in other cyberattacks and are available to buy from sources online. Akamai’s study further mentions that between July 2019 and June 2020, of more than 5,600 unique distributed denial of service (DDoS) cyberattacks it witnessed, over 3,000 were aimed at the gaming industry. These DDoS attacks primarily aimed to bring down a service by flooding it with internet traffic.
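From the defender's side, credential stuffing shows up in login logs as one source trying many different accounts and failing almost every time. The following is an added example, not code from Akamai or from the original article; the event format, thresholds, and function name are assumptions, and the log entries are constructed.

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, username, success).
SAMPLE_EVENTS = (
    [("203.0.113.7", f"player{i}", False) for i in range(40)]
    + [("203.0.113.7", "player40", True)]        # one reused password worked
    + [("198.51.100.9", "alice", False)] * 3      # a user mistyping a password
    + [("198.51.100.9", "alice", True)]
)


def flag_credential_stuffing(events, min_users=20, min_fail_ratio=0.9):
    """Flag sources that try many distinct accounts and mostly fail.

    A single user retrying one account is not flagged; a source walking
    through a stolen username/password list is. Thresholds are assumptions.
    """
    per_ip = defaultdict(lambda: {"users": set(), "fail": 0, "total": 0, "hits": []})
    for ip, user, ok in events:
        stats = per_ip[ip]
        stats["users"].add(user)
        stats["total"] += 1
        if ok:
            stats["hits"].append(user)   # accounts to lock and force-reset
        else:
            stats["fail"] += 1

    flagged = {}
    for ip, stats in per_ip.items():
        ratio = stats["fail"] / stats["total"]
        if len(stats["users"]) >= min_users and ratio >= min_fail_ratio:
            flagged[ip] = {
                "distinct_users": len(stats["users"]),
                "fail_ratio": round(ratio, 3),
                "compromised": sorted(stats["hits"]),
            }
    return flagged


if __name__ == "__main__":
    for ip, info in flag_credential_stuffing(SAMPLE_EVENTS).items():
        print(ip, info)
```

The "compromised" list matters as much as the alert itself: those are the accounts where a reused password actually worked and that need a forced reset.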
Another Akamai research report, “2019 State of the Internet/Security Web Attacks and Gaming Abuse,” released last year, states that there were 55 billion credential stuffing attacks across all industries. The report highlighted that nearly 67% of credential stuffing attacks target organizations based in the United States. It stated that Russia is the second-largest source of application attacks, and China is ranked as the fourth-highest source country. The United Kingdom, on the other hand, ranked as the second-highest targeted country, with Japan, Canada, Australia, and Italy also among the countries most targeted.
Similar to cyberattacks that exploit the unique challenges businesses face due to increased teleworking, attacks on the gaming industry are driven mainly by the fact that in-game items can be quickly exchanged for profit. Gamers are known to spend money on various online quests and game enhancements, which makes them an easy target for hackers. Akamai says that hackers focus on more valuable video game accounts that are connected to a valid credit card or other financial resources. After compromising the account, the criminal can purchase additional items, such as currency used within the game, and then sell the hacked account at a higher price. According to Newzoo, the global gaming market will generate revenues of US$159.3 billion in 2020, a 9.3% increase year-on-year.
In April, Kaspersky reported that Minecraft, the world’s best-selling video game, was the most popular target for cyber attackers, used in more than 130,000 web attacks. Other popular games used in attacks were Counter-Strike: Global Offensive and The Witcher 3. Meanwhile, the daily number of blocked attempts to direct users to dangerous sites that exploit video games increased by 54% compared to January 2020.
Akamai says in its report that most of the attacks against gaming sites employ SQL injection (SQLi), where hackers use online forms to inject specific SQL code that can compromise the database behind the form. Another popular ploy is Local File Inclusion (LFI), through which attackers use web applications to gain access to files stored on the server. Cybercriminals typically hit mobile and web-based games with SQLi and LFI attacks as a way to capture usernames, passwords, and account information. Oftentimes, hackers use open cloud services and digital platforms to conduct their business.
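The difference between a form handler that is open to SQL injection and one that is not comes down to whether the form value is parsed as SQL or bound as data. The following is an added example, not code from Akamai or from the original article; the table, function names, and form value are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for a game's account database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT PRIMARY KEY, password_hash TEXT)")
    # Placeholder hash strings; a real service stores salted password hashes.
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", "hash-a"), ("bob", "hash-b")])
    return db


def lookup_vulnerable(db, username):
    # Weak: the form value is concatenated into the statement, so any quote
    # characters in it become part of the SQL that the database parses.
    sql = "SELECT username FROM accounts WHERE username = '" + username + "'"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, username):
    # Hardened: the placeholder binds the form value as data only, so it can
    # never change the structure of the query.
    sql = "SELECT username FROM accounts WHERE username = ?"
    return [row[0] for row in db.execute(sql, (username,))]


# Constructed form value that is not a real username.
FORM_INPUT = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", lookup_vulnerable(db, FORM_INPUT))     # every account
    print("parameterized:", lookup_parameterized(db, FORM_INPUT))  # no account
```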
These aren’t the first instances of the gaming industry being targeted by hackers during COVID-19. Last month, experts found a game named “Fall Guys: Ultimate Knockout,” which contained a malicious JavaScript API. It stole data from target players’ Discord and browser. In June 2020, around 1.3 million Stalker Online players’ accounts were stolen and later sold on the dark web. Experts at Night Lion Security say that hackers selling stolen Fortnite player accounts are making up to US$1 million annually.
Kaspersky advises using strong passwords and two-factor authentication (2FA) when possible to protect one’s gaming accounts. It also warns against using pirated copies of video games, as they are some of the favorite baits used by attackers. One should also log in only through official gaming apps and services rather than through third parties, and refrain from revealing personal details and login credentials online, especially to sketchy phishing sites.