Video gamers barraged with cyber attacks

As the fall-out from a cyber security incident affecting players of Activision’s Call of Duty settles, timely new research conducted by Akamai and gaming lifestyle festival DreamHack has shown the extent of cyber attacks on the gaming industry, which has suffered 152 million web application attacks and as many as 10 billion credential stuffing attacks in the past two years.

In the report, Gaming: You can’t solo security, which forms part of a wider series on the state of internet security, Akamai and DreamHack noted in particular that the volume of attacks had ramped up during Covid-19 lockdowns.

Online gaming has served as a major outlet for entertainment and social interaction for many people, and with many new accounts being created, cyber criminals were quick to take advantage of this, with a notable spike in credential stuffing activity as the result of credentials from old data breaches being tested in an attempt to compromise valuable account details.

Akamai noted that while many gamers have indeed been hacked, few of them were particularly concerned about it. The data showed that 55% of people who identified as frequent gamers had had an account compromised at some point, yet only 20% were “worried” or “very worried” about it.

Gamers also tended to view cyber security as a team effort, with 54% who said they had been hacked feeling it was a shared responsibility between themselves and the gaming companies. The report itself outlines a number of steps gamers can take to shore up their own defences, such as using password managers and multi-factor authentication, alongside resources that gaming companies can offer their users.

“Gaming has always brought communities together, so all of us at DreamHack want to ensure our valued communities of fans and players are protected from cyber attacks of this nature,” said DreamHack chief strategy officer Tomas Lykedal.

“These findings are important so everyone involved can also help to ensure that, together, we are doing all we can to protect privacy and personal information when engaging on these world stages and global platforms.”

DreamHack said gamers would always be highly targeted because they are engaged and socially active, often have disposable income and spend it on their accounts and experiences. These factors combined make them a tempting target for cyber criminals.

“The fine line between virtual fighting and real-world attacks is gone,” said Steve Ragan, Akamai security researcher and report author. “Criminals are launching relentless waves of attacks against games and players alike in order to compromise accounts, steal and profit from personal information and in-game assets and gain competitive advantages.

“It is vital that gamers, game publishers and game services work in concert to combat these malicious activities through a combination of technology, vigilance and good security hygiene.”

Besides credential stuffing attacks using stolen credentials and phishing attacks against gamers, which tend to rely on fake websites related to a game or platform to trick players into handing over their login details, Akamai also reported substantial volumes of web-based attacks on gaming platforms, most of them SQL injection attacks designed to get hold of login credentials stored on the targets’ servers.

Another frequently used attack vector was local file inclusion (LFI), which can expose player and game details that can be used for in-game exploits or cheats.

Akamai said cyber criminals often enjoyed targeting mobile and web-based games with SQL injection and LFI attacks because of the amount of information they can access if successful.

The other significant threat to gamers is distributed denial of service (DDoS) attacks, to which online gaming platforms are, by their very nature, highly vulnerable. Between July 2019 and June 2020, more than 3,000 of the 5,600 unique DDoS attacks Akamai observed were aimed at the gaming sector.

Noting the Mirai botnet, which was first created by college students to disable Minecraft servers and later used to launch DDoS attacks on an unprecedented scale, Akamai suggested that DDoS attacks on the sector were still frequently orchestrated by young people who have not yet turned to more disruptive forms of cyber criminal activity, such as online trolls or even frustrated gamers themselves. It noted that such attacks had a tendency to spike during the school holidays.