The internet and digital technology have surely opened new avenues for businesses. However, with greater opportunities come greater threats. This article will talk about how cybercriminals have zeroed in on the gaming industry recently.
Ransomware Attack
Japanese game developer, Capcom, suffered a cyberattack impacting its systems, including file and email servers. The firm was forced to shut down some of its internal network operations due to the attack by unknown culprits. The creator of Resident Evil and Street Fighter lost 1TB of confidential data in the attack. Bleeping Computer reported that the Ragnar Locker ransomware was used in the attack. The ransom note contained the details of the stolen files and provided a link to a private data leak page on the ransomware’s website and another link to their Tor negotiation site.
Other Notable Attacks
The REvil ransomware gang claimed to have hacked Gaming Partners International, a supplier of gaming furniture and equipment. Allegedly 540GB of technical and financial documents were stolen. The attackers threatened to leak the data online if the ransom was not paid in 72 hours.
Egregor claimed to have hacked the source codes of gaming titles – Albion and Watch Dogs: Legion. The group had, moreover, claimed to contain Crytek files related to gaming titles, such as Warface and Arena of Fate. The Egregor leak site contained partial leaks for the hack. In mid-October, the forum of Albion Online was breached and the hacker stole usernames and password hashes. The breach size remains undisclosed.
Attack Vectors
SQL injection (58%) and local file inclusion (31%) are the top two web-based attack vectors in the gaming industry. Web-based attacks are followed by DDoS attacks. As observed by Akamai, 3,072 DDoS attacks were evidenced between July 2019 and June 2020. These attacks usually spike during the holidays.
Conclusion
With the gaming industry projected to reach a worth of $200 billion by 2023, the constant attacks on the gaming industry do not come as a surprise. However, the security space is evolving and gaming firms are focusing on the security of their players. Moreover, gamers have started realizing the importance of MFA and are leveraging them.