As the world of e-gaming prospers, a threat to its existence is evident in the form of cybercrime. Just like other sectors, the gaming industry is also an attractive prey for cybercriminals.
“Gamers across the world are being targeted with cyberattacks mainly using credential stuffing, and phishing to pilfer account details and card information,” a statement in the report from Akamai said.
This report from the leading cybersecurity provider and content delivery network examines the trends in cyberattacks against gaming companies.
For the report, Akamai partnered with a digital events company named “DreamHack” and surveyed over 1200 gamers between April and May, last year. The representatives from Akamai said the goal of the survey was to determine how gamers address security challenges that hit them on an almost daily basis.
In fact, the report also has some surprising facts to show. From July 2018 to June 2020, over 100 billion incidents of credentials stuffing were discovered out of which 10 billion were focused only on the gaming sector. To make such an attack possible, hackers try to gain access to games and their services by using lists and tools containing different usernames and passwords which they purchase from the Dark Web.
Lockdown due to COVID-19 is the main reason why more and more people turned towards gaming. And in these cases, hackers use the credentials from older data breaches to obtain access to accounts that may reuse the same credentials. As far as phishing campaigns are concerned, hackers include a malicious link in the emails that sound more than just convincing enough to entice users into clicking them. The only objective here is to make the user type their login credentials and capture the same.
Gaming companies and websites were also targeted by cybercriminals. Out of 10.6 billion attacks against gamers, more than 152 million were directed towards gaming companies and websites. Attacks on websites include employing SQL Injection in which hackers inject an SQL code through online forms that can be used to compromise the database. Another method used by them is Local File Inclusion, which involves using web apps to access files stored on the server.
Apart from LFI and SQL code methods, DDoS attacks (Distributed Denial of Services) are also one of the ways to target gaming sites. The report by Akamai also mentioned that out of 5600 DDoS attacks between July 2019 and June 2020, over 3000 DDoS attacks were targeted at the gaming industry.
The gaming industry is being increasingly targeted because of key factors. Gamers are engaged with social communities online and a majority of them have disposable income which they can spend on games and their gaming accounts.
Now, the question remains what can and should gamers do to remain protected from these attacks? The report answers that as well. It suggests gamers to avoid using recycled passwords and enabling multiple-factor authentication in their accounts. Also, using a password i.e. not too predictable and includes several characters, alphabets, and numbers will be a roadblock towards hacking attempts. Finally, the report asks gamers to remember that no customer support or their representative asks for personal or financial information unless they are being targeted by a scammer.