Gaming Is Booming. That’s Catnip for Cybercriminals. – The New York Times

Read Time:6 Minute, 18 Second

Cybersecurity experts warn that threats lurk in cheat codes, microtransactions and messages from fellow players.

Millions of people escaped the drudgery of the Covid-19 pandemic’s first year by turning to video games , where they could cast spells, kill zombies and compete as their favorite athletes.

These virtual worlds also lured in a different kind of enthusiast — the kind who sought to steal people’s personal information and real-world dollars.

In recent months, cybersecurity firms have warned that will cybercrime in gaming has increased substantially since the start of the pandemic, and that the vulnerabilities — for game studios as well as players — are far from being vanquished.

“When you add more users or devices or applications to an user pool, you’re creating a larger attack surface, ” said Tony Lauro, director of security technology and strategy at Akamai Technologies, a content delivery company that hosts large swaths of the internet. “In general, that is what is driving this massive increase over time. ”

An Akamai report published in August said web application attacks , which exploit vulnerabilities in online programs like mobile games, were up 167 percent from May 2021 to April 2022 compared with the same period the year before. And a report last month from the Russian cybersecurity company Kaspersky Lab found a 13 percent increase in malicious software attacks on games in the first half of 2022 compared with the first half of 2021.

The range of attacks and targets in gaming is enormous. Gaming companies can lose huge batches of data, and their games can be taken offline temporarily. Individual players can lose game progress, money and sensitive personal data.

Jessica Geoffroy, 29, was in some ways lucky that guilt was the main penalty she faced after she was hacked in December.

She realized something was wrong after she received a flurry of phone notifications from friends asking why she was still sending messages on Steam, a popular gaming platform, after she had gone to bed.

When Ms. Geoffroy found that she couldn’t log in to her Steam account, she knew she had been hacked.

“My heart was racing, ” she said. “I thought, Oh, God, what if they get my bank account information? What if they hack my friends and get their own bank account information? — not knowing how far this is going to go. ”

Fortunately, Ms. Geoffroy was able to reset her password that night. Nothing appeared to have been stolen, she said, but the girl felt “horrible” that the hacker had sent messages to her friends with the same compromised link that she had mindlessly clicked on — which another friend originally sent to her. That friend’s account disappeared after the link was sent, and she has not been able to get in contact with that person.

“A lot of people I know don’t think this stuff is going to happen to them, ” she said. “They don’t realize it can happen and it will happen. ”

Justin Cappos, a professor of computer science and engineering at New York University, said one thing that makes the gaming industry vulnerable is that developers are not hired to create secure software. They are hired to deliver games fast and frequently.

“If you are writing code that is meant for security, you often will spend a lot of time checking certain aspects of what is happening in the program to make sure everything is OK, ” Dr . Cappos stated. “You probably won’t have that same way of working through things if your primary goal, the main thing you care about, is to be fast. ”

According to the Akamai report, gaming is the industry most hit by distributed denial of service, or DDoS, attacks, in which an attacker uses an automated technique to overwhelm servers with requests, severely slowing down the service or taking it off-line altogether. These attacks may eat into a company’s bottom line as it scrambles to restore access and address customer complaints.

Akamai warned that as the gaming industry expands, it will attract a lot more cybercrime.

“Financial crime is happening to younger and younger players all the time because they are in the gaming ecosystem now, ” Mr. Lauro said.

Not all attacks involve exploiting source code or even crafting compromised links. Some are just straightforward scams. Mr. Lauro said he once paid for a prize for his son on Roblox, an online game platform, and the prize never showed up. But the transaction was so small — less than a dollar — that his son was not really bothered by it, plus Mr. Lauro knew law enforcement would not be, either.

“Little transactions of 60 cents here, there — who is going to investigate that? ” he mentioned.

For the person running such a scam, thousands or more of these payments, or microtransactions, can net a high reward. Mr. Lauro and other cybersecurity firms possess said that fraudsters often target small in-game purchases , which have become more popular in recent years, though there have been no major studies on how common these scams are.

Kaspersky warns that cheat codes are also a major threat for gamers: Criminals can use fake be unfaithful programs to disable the target’s computer and steal information. In Kaspersky’s analysis of threats to 28 popular games, the company found thousands of files of this type, which affected more than 13, 600 people from July 1, 2021, to June 30, 2022.

Kaspersky itself has come under scrutiny, underscoring the murky complexities of cybersecurity. In March, the particular Federal Communications Commission added the company, which is based in Moscow, to a list of communications services it considers national security threats. Kaspersky said the decision was made “on political grounds. ” In any case, the company’s gaming research is consistent with other reports on the industry.

Game studios have also struggled to fend off attempts in order to steal their users’ information, take their games offline or leak their game code. In these attacks, hackers may use the stolen information as ransom or try to auction it for huge sums of money.

In June 2021, a hacker stole game code from Electronic Arts , the maker of the FIFA and Sims series. The stolen information was put up for auction with a starting bid associated with $500, 000, according to the cybersecurity expert who spoke with The Times.

Rockstar Games, another prominent video game maker, disclosed last month that “an unauthorized third party illegally accessed and downloaded confidential information ” from its systems, including unfinished footage from the next game within the Grand Theft Auto series.

In July, Bandai Namco, which publishes popular titles like Tekken and Elden Ring, said it was hacked . After an investigation, the company said this month that it could not rule out “ the possibility of external leakage of information . ”

Mayra Rosario Fuentes, a senior threat researcher at Trend Micro, a cybersecurity company, stated in an email that the big gaming companies are prime targets because they make billions of bucks and have huge pools of customers. “Cybercriminals know they do not want customers upset if their sport goes offline, which then makes it to the media and could hurt revenue, ” Ms. Fuentes wrote.

Ms. Fuentes said gaming businesses needed to patch vulnerabilities in their code, improve employee training about hacks and look out for online leaks of employee credentials.

The girl and the other cybersecurity experts interviewed for this article said that despite the increase in threats, players could take steps to protect themselves: Use two-factor authentication , do not reuse passwords and keep software updated .

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous post Cloud Gaming for All – Lenovo’s New IdeaPad Chromebook Offers an Easy Gateway to Premium Gameplay – Lenovo StoryHub
Next post Nintendo plans to bring Switch Sports back online and compensate players for downtime – Video Games Chronicle