Gaming, as we know it today, is new when you compare it to many other industries. The introduction of online gaming and the advancement of gaming rigs has completely changed the landscape.
In just forty years, we’ve seen a progression from simple arcade games to virtual reality gaming. The industry nets billions every year. That’s hardly surprising considering that gaming offers a complete escape from daily life.
But that’s not what we want to discuss today. Instead, we want to focus on cybersecurity and the gaming industry. Why? Because it’s also a very new section of the industry. Your traditional arcade games had no internet access. Neither did the original PlayStation One.
But, with the introduction of multi-functional devices, and PC gaming, cybersecurity has become an ever-increasing problem.
What is the Danger?
Now, you may wonder what the danger is. After all, you don’t have to fill in a lot of private details to register an Xbox or Steam account. Most of us know better than to store our credit card details on these sites. Even if we do, those details are usually highly encrypted. What’s the hacker going to get – your latest World of Warcraft score?
Now let’s look at things from a different perspective. How do you usually sign into those accounts? You use your email address or favorite username and password. How well are those details protected? And, for that matter, how secure is that gaming forum you’re a member of?
As it turns out, this could be the first weak spot in the system. According to research by Akamai, media accounts, like online gaming platforms, Netflix, and so on are prime targets for those using credential stuffing attacks.
What’s a Credential Stuffing Attack?
It starts off with a breach. Hackers will attack sites that are more vulnerable. In this case, a gaming site or forum. These are typically less secure than a banking site would be, for example. Instead of going after financial details, though, they steal usernames or emails and passwords.
That’s all they need for a credential stuffing attack. They’ll then use bots to try inputting those details into other sites. Sites that do contain a lot more valuable information. Like, for example, financial institutions.
Do you see where this is going? Let’s spell it out. 52% of people use the same password for multiple sites. If you’re one of them, the criminal has everything that they need to access more sensitive information.
If a bot comes across a successful log in, they record the results. From there, the hacker can choose to use the details, or to sell them to someone else.
Why the Gaming Industry is at Risk
For starters, most companies make accessing the system as simple as possible for their consumers. How many two-factor authentication systems have you seen on these sites? That’s because they know that the harder login is, the more likely it is for them to lose you as a client. So, opt for a simple email + password system at most.
The second reason is the competitiveness of the industry. Game developers must be able to deliver new games fast in order to keep up. This increases the chances of bugs or potential areas to exploit.
It’s Not Just Credential Stuffing That’s a Problem
Hackers may also use forums or game chats as platforms for phishing. They may upload malware or spyware onto a forum claiming it’s a fix for a problem a gamer is experiencing. They could exploit a weakness in a game to gain access to your system.
And you thought gaming was harmless. Well, not anymore.
How to Protect Yourself
Start off by keeping your details private. Don’t fill in a lot of information on your gaming profile. If need be, make stuff up. Your profile shouldn’t contain any details that might help someone guess your password.
It’s also worth considering everyone else online as a suspect. Maybe you’ve been playing online with someone for months. It doesn’t matter. You have no idea who they really are. Hackers will often maintain profiles on gaming sites and forums to establish credibility over time.
Next, consider using a VPN while online. It’s an extra layer of security, but it shouldn’t be your only layer of security. We also suggest using two-factor authentication on as many sites as you can. It’s annoying, but it only takes a few extra seconds.
Don’t Use the Same Passwords
Your next tip may be the most important one. Don’t use the same password for all your accounts. It’s a pain in the butt, but you can opt to have Google select and store a secure random password for you. At the very least, ensure that your banking profiles and business logins have a unique password.
Run Updates Regularly
May sure that you update your operating system regularly. While you’re at it, check for updates on the games as well. This way, you won’t miss important security patches.
Be Careful with Downloads
If you’re buying a game, for example, stick to reputable sites. If you’re not sure who the publisher is, steer clear. Think the app stores are safe? Think again. Kaspersky identified malicious software in the CamScanner app on the Google play store.
What’s even more frightening is that this is a very popular app with more than 100 million downloads. Even scarier is that the original versions of the app didn’t contain the malware. This was later introduced through updates.