Cyber attacks target video game companies and players

High volumes of attacks have targeted video game companies and players between 2018 and 2020, with an inevitable uptick in attack traffic that correlates with COVID-19-related lockdowns.

A new report from Akamai shows that game players themselves are subjected to a steady barrage of criminal activity, largely through credential stuffing and phishing attacks.

Akamai observed more than 100 billion credential stuffing attacks from July 2018 to June 2020, with nearly 10 billion of these targeting the gaming sector. It also saw 10.6 billion web application attacks across its customers over the same period, more than 152 million of which were directed toward the gaming industry. Over 3,000 unique DDoS attacks were aimed at the gaming industry too.

"The fine line between virtual fighting and real world attacks is gone," says Steve Ragan, Akamai security researcher and author of the report. "Criminals are launching relentless waves of attacks against games and players alike in order to compromise accounts, steal and profit from personal information and in-game assets, and gain competitive advantages. It's vital that gamers, game publishers, and game services work in concert to combat these malicious activities through a combination of technology, vigilance, and good security hygiene."

While video games have served as a major outlet for entertainment and social interaction during the COVID-19-driven lockdowns they have also offered an opportunity to criminals. A notable spike in credential stuffing activity occurred as lockdowns began around the world. Much of the traffic being the result of criminals testing credentials from old data breaches in attempts to compromise new accounts created using existing usernames and passwords.

However, there seems to be a noted lack of concern among gamers. In an upcoming survey of gamer attitudes toward security conducted by Akamai and gaming community DreamHack, 55 percent of the respondents who identify as frequent players admit to having had an account compromised at some point, but of those, only 20 percent say they were worried or very worried about it.

Gamers have several qualities that criminals look for. They're engaged and active in social communities, they mostly have disposable income and they tend to spend it on their gaming accounts and gaming experiences. When these factors are combined, criminals see the gaming industry as a target-rich environment.

You can get the full report from the Akamai site and there's a webinar to discuss the findings on September 24 at 11am ET.

Photo credit: lipik / Shutterstock