Gaming is booming. That’s catnip for cybercriminals

“When you add more users or devices or applications to a user pool, you’re creating a larger attack surface,” said Tony Lauro, director of security technology and strategy at Akamai Technologies, a content delivery company that hosts large swaths of the internet.

Update: 2022-10-18 01:31 GMT
Representative image

By AMANDA HOLPUCH

Millions of people escaped the drudgery of the COVID-19 pandemic’s first year by turning to video games, where they could cast spells, kill zombies and compete as their favourite athletes. These virtual worlds also lured a different kind of enthusiast — the kind who sought to steal people’s personal information and real-world dollars. In recent months, cybersecurity firms have warned that cybercrime in gaming has increased substantially since the start of the pandemic, and that the vulnerabilities — for game studios as well as players — are far from being vanquished.

“When you add more users or devices or applications to a user pool, you’re creating a larger attack surface,” said Tony Lauro, director of security technology and strategy at Akamai Technologies, a content delivery company that hosts large swaths of the internet. “In general, that is what is driving this massive increase over time.” An Akamai report published in August said web application attacks, which exploit vulnerabilities in online programs like mobile games, were up 167% from May 2021 to April 2022 compared with the same period the year before. And a report last month from Russian cybersecurity company Kaspersky Lab found a 13% increase in malicious software attacks on games in the first half of 2022 compared with the first half of 2021.

The range of attacks and targets in gaming is enormous. Gaming companies can lose huge batches of data, and their games can be taken offline temporarily. Individual players can lose game progress, money and sensitive personal data.

According to the Akamai report, gaming is the industry most hit by distributed denial-of-service, or DDoS, attacks, in which an attacker uses an automated technique to overwhelm servers with requests, severely slowing down the service or taking it offline altogether. These attacks can eat into a company’s bottom line as it scrambles to restore access and address customer complaints.

Akamai warned that as the gaming industry expands, it will attract more cybercrime. “Financial crime is happening to younger and younger players all the time because they are in the gaming ecosystem now,” Lauro said.

Not all attacks involve exploiting source code or crafting compromised links. Some are just straightforward scams. Lauro said he once paid for a prize for his son on Roblox, an online game platform, and the prize never showed up. But the transaction was so small — less than a dollar — that his son was not really bothered by it, and Lauro knew that law enforcement would not be, either.

“Little transactions of 60 cents here, there — who is going to investigate that?” he said.

For the person running such a scam, thousands or more of these payments, or micro-transactions, can net a high reward. Lauro and other cybersecurity firms have said that fraudsters often target small in-game purchases, which have become more popular in recent years, although there have been no major studies on how common these scams are.

Cheat codes are also a major threat for gamers: Criminals can use fake cheat programs to disable a target’s computer and steal information. In Kaspersky’s analysis of threats to 28 popular games, the company found thousands of files of this type, which affected more than 13,600 people from July 1, 2021, to June 30, 2022. Game studios have also struggled to fend off attempts to steal their users’ data, take their games offline or leak their game code. In these attacks, hackers may use the stolen information as ransom or try to auction it for huge sums of money.

Holpuch is a journalist with NYT©2022

The New York Times

Visit news.dtnext.in to explore our interactive epaper!

Download the DT Next app for more exciting features!

Click here for iOS

Click here for Android

Tags:    

Similar News

Editorial: Knives out

Editorial: Oh, to be Botswana!

Editorial: Wild things