Whenever something gets big – really big – there are always people who want to exploit it. The gaming and esports industries are no different. The total market value of the gaming industry for 2018 came in at just over $194 billion. That's impressive – and bound to attract cybercriminals
The gaming industry is a major target for four reasons:
- All mobile game purchases, and many PC and console games purchases are now made digitally. This isn't changing anytime soon either, with most of the industry pushing towards all-digital sales.
- Playing online is a big part of what makes the gaming industry tick. This leaves players and online games vulnerable to attacks.
- There are dozens of digital platforms and game clients, and each one is a potential security hole for the consumer.
- Huge crowds flock to esports events where there's usually public wifi – which is notoriously unsafe.
These issues will be discussed in more detail below. Along with some advice on how users can deal with these problems.
The threat of digital platforms
Millions of game copies are sold every week on digital platforms like Steam, Epic Store, Origin and the Microsoft Store. All of these transactions are handled online, and digital copies are sent to the user's account. This makes these platforms the perfect playground for cybercriminals.
Players don't think twice about signing up and adding their payment or credit card info to these platforms. Thus making sure that hackers won't stop targeting digital stores and clients anytime soon. None of this is speculative either. Digital platforms have been breached plenty of times before, with hackers stealing user data, like login details and payment information.
Back in 2016, Kaspersky reported over 1200 versions of the Steam Stealer malware running rampant. This malware gave attackers access to user login information. With the number of users on Steam reaching tens of millions, even back in 2016, that was a big problem.
Then in 2017, the ESEA (E-Sports Entertainment Association League) database was hacked. ESEA is one of the top online game matchmaking services in the world, with big cash-prize tournaments for popular games. The hackers threatened to make over 1.5 million user accounts public if a ransom of $100,000 wasn't paid.
More recently in 2018, an independent security researcher discovered a security flaw in EA's Origin client which exposed user data. The bug sent an auto-login URL whenever someone who had the Origin client tried to log into EA.com. Auto-URLs are normal, but this one allowed anyone to use the URL without any authentication method. EA later fixed the issue, but it's still a worrisome development that could have affected millions of users.
Esports fans are ripe for the picking
The dangers surrounding digital purchases are obvious, but esports events are astonishingly unsafe too. They attract substantial crowds, who bring their mobile devices along. There's usually an online element to these events too, which encourages visitors to connect to the host's website or a digital platform.
The problem: unprotected WiFi. This is an enticing target for hackers, as it exposes a large group of people all at once. Public WiFis are famously insecure and therefore often targeted.
Taking security up a notch
It's vital that digital distribution companies and client owners make security a top priority. They must perform pen-testing, consult with cybersecurity experts, and take care of their service. But users cannot rely on these companies to protect their data.
They should protect themselves. It can be done by enabling two-factor authentication where possible and always keeping their software up to date. It's important to allow all updates because these often contain security patches.
Using a password manager is a good move too, especially with the number of clients and platforms out there. It's dangerous to reuse passwords because if one account is compromised, then the others will be as well. Password managers negate this possibility.
It's also a good idea to look into getting a VPN as an additional layer of security. It will stop malware from websites and encrypt all connections, even over public WiFi. There are plenty of good VPN services out there to choose from, so make sure to shop around a bit.
The sheer size of the gaming industry means that small security flaws can have huge repercussions and affect millions. That's why users need to think about cybersecurity whenever they are online.