Cyberattacks are nothing new. Ever since the advent of the internet, there have always been malicious actors in the online space trying to break into computer systems, steal valuable data to use it to their advantage or simply cause damage to the people or companies they target. As the digital landscape developed and technology advanced, so did hackers’ skills. They are constantly coming up with new and much more efficient ways to exploit the vulnerabilities they encounter, so nothing and no one is 100% safe in the online environment.
Although all organizations have their weaknesses, some entities run a higher risk of falling victims to hackers and cyberattacks than others. With the start of the coronavirus pandemic and the profound transformations in the work environment, the number of cybercrimes reported has been on a rising trend. And it appears that one of the most vulnerable categories lately are the video game companies and actors operating in the gaming industry.
In 2020 and 2021 there have been several cyberattacks targeting major video game companies that raised concerns regarding the safety of these platforms. If reputable organizations in the industry can fall victims to hackers, no one is really on the safe side.
In 2020, the Webkinz World game, developed by Canadian toy company Ganz, was the target of a cyberattack in which over 20 million online players had their username and passwords leaked on a popular hacking forum.
The same year, another major cyberattack occurred, this time targeting Nintendo. Almost 300.000 customers were affected, as hackers managed to break into their ID accounts on the Nintendo platform, giving them access to virtual funds or PayPal accounts.
Earlier this year, the Polish video game company CD Projekt was the victim of a ransomware attack. Hackers got hold of important confidential data from the company and asked for a very generous ransom, which CD Projekt refused to pay.
But it’s not just these attacks that raise serious questions of security in the gaming industry. It’s also the many vulnerabilities that much too often remain unaddressed by major companies. A relevant example in this regard is the bug found in Valve’s CS:GO that would allow hackers to take over a user’s computer. This vulnerability was discovered by an independent researcher and brought to the attention of the company in 2019, but it took Valve a long time to address the issue.
Why the gaming industry?
The online world is extremely diverse, to say the least. There are countless organizations and actors in the digital space that can become a target for cyberattacks. So, the question is why out of all these entities do hackers focus so much on the gaming industry lately? Studies have shown there are several motivations behind this trend, and we’re going to discuss them all here.
It’s all about the money
The main motivation for cyberattacks in the gaming industry is without a doubt the potential to win big money. It’s no news that the gaming industry is thriving, generating an impressive revenue year after year. If you analyze things from this perspective, it’s only logical that cyber criminals will go where the money is, and video game companies sure have a lot of money.
A skilled hacker who finds a vulnerability in a video game platform could be sitting on a goldmine. If someone gains access to high-level accounts, they can sell them to other players. There are more than enough people who are willing to take the easy route and pay for these accounts, so hackers can earn impressive amounts of money using this method.
While ransomware attacks are not as common as the previous technique, they are still present in the gaming industry. The cyberattack on CD Projekt that we mentioned in the first part of the article is an example of how hackers can earn money by stealing valuable data from a video game company.
Attackers can get hold of important information and then ask the companies for a generous sum of money to give back the data they’ve stolen. There’s no guarantee that they will get the data back if they pay the ransom, but in most cases it’s the only option these companies have.
Testing their skills
When it’s not about money, it’s about skills. A lot of rookie hackers are looking for ways to improve their hacking abilities, so they look for potential testing ground, and the gaming industry seems to serve the purpose. Going after major institutions, like government organizations, banks etc. can be daunting for newbies, but video game companies are not as scary.
It’s a common belief that the consequences for hacking a video game network are less severe, and this encourages hackers to test their skills on these companies. It’s almost a rite of passage for hackers to attack video game companies, and that has become a major threat for game developers.
Beating the competition
Making a profit and improving skills are not the only things that can determine someone to engage in hacking activities. There’s also the desire to beat the competition that can stand behind a cyberattack. Video games are by design extremely competitive, so a lot of players are looking for hacks to get one step ahead of others and increase their chances of success.
And that’s where hacking enters the scene to help players exploit certain vulnerabilities in the games they play in order to gain a competitive advantage. There are many ways in which these vulnerabilities can be used to beat the competition, such as earning infinite health, gaining access to better gear, improving speed etc. The better the hacks, the higher the chances of becoming invincible in a game.
As you can see, the gaming industry is no stranger to cyberattacks, and the worst part is these events are becoming more frequent. This stresses the importance of focusing on implementing strong security strategies in the industry and adopting a preventive approach instead of a reactive one.