Steve Hicks, Head of Global Sales at BullGuard

Cybercriminals set their sights on gamers amidst lockdown gaming spree

Steve Hicks, Head of Global Sales, BullGuard discusses BullGuard’s Game Booster, a feature of BullGuard Internet Security, which actually boosts system performance for gamers while protecting them

The furore that greeted Sony’s withdrawal of the much-touted Cyberpunk 2077 from shop shelves revealed just how mainstream gaming has become. Nine years in development the game was billed as “breath-taking”, with great graphics, immersive simulator systems and gripping quest design, however, it was also riddled with bugs. This discovery was equally breath-taking.

Gamers want games that are ultra-smooth and lightning-fast. Buggy games cause distractions and become irritating. This is why almost half of gamers across Europe prefer PCs to well-known consoles such as the Xbox and PlayStation. You can upgrade and squeeze more performance out of a PC. PC Gamers also enjoy being able to add gameplay mods, such as UK police and their patrol cars in the definitively North American Grand Theft Auto. With a console, you have no room for improvement.

Three million DDoS attacks
The downside of PC gaming is the assault from cyber-hacking opportunists. PC Gaming is a big industry and one that attracts cybercriminals like bees to a honey pot. Because milliseconds can be the difference between winning and losing a professional game, gamers are particularly vulnerable to distributed denial-of-service (DDoS) hacks. On the dark web, you’ll even find DDoS services for hire on gaming forums. Attackers use these services to take down games until a ransom is paid.

Research shows that most gamers have played a game that has been knocked offline due to DDoS attacks. Imperva’s Global DDoS Threat Landscape Report said that in 2019 the online gaming industry topped the list of targeted industries, with 35.92% of total DDoS attacks aimed at gamers. That’s just over 3 million DDoS attacks in one year.

Dark web awash with stolen IDs
2020 research from gaming lifestyle festival, DreamHack in conjunction with Akamai, Gaming: You can’t solo security, revealed that gaming industry cyber-attacks have ramped up. The report estimates that in the past two years there have been 152 million web application attacks and as many as 10 billion credential stuffing attacks aimed at gamers.

To steal ID credentials hackers use common methods such as SQL injections to penetrate backend databases and Local File Inclusion (LFI), which exploits vulnerable web applications. But many also prefer to use the much simpler phishing email route, which sends gamers to malicious web pages where ID credentials are stolen. The phishing emails are dressed up as ‘legitimate’ messages from gaming organisations. The dark web and hacker forums are awash with stolen ID credentials. It’s a huge and lucrative underground industry with accounts sold for around £10 each.

Malware is also a significant problem. In November 2020, Capcom, the game developer behind the infamous Resident Evil, Street Fighter and Dark Stalkers, said that a ransomware attack had compromised the personal data of up to 400,000 gamers.

Individual gamers are also targeted by ransomware, which brings a game to a sudden dead stop and demands Bitcoin payment in exchange for the safe return of encrypted game files. These attacks have infected many games, including favourites like Call of Duty, World of Warcraft and Minecraft. In fact, think of any type of malware, whether it’s spyware, scareware, key stroke loggers, banking Trojans and so on, and it has been deployed against gamers and will continue to be so.

And this tsunami of assaults will only get bigger as the industry evolves and grows. Recently, Russian Billionaire Mikhail Prokhorov, worth an estimated $11.4 billion, sunk a significant investment into a new 3D social gaming platform called Sensorium. Partnerships with world-renowned venues and artists, designed to create 3D virtual representations of the venues, musicians, DJ’s and dancers, have already been struck. An in-game cryptocurrency has also been launched. Played on a PC, Sensorium signals a next step in the evolution of gaming and one which cybercriminals will inevitably set their sights on and learn to exploit.

It’s not all one way, however. It’s fair to say that gamers have latched onto the benefits of using a VPN to beat back DDoS attacks and also gain guaranteed high performance. However, despite the arsenal of malware and phishing attacks aimed at them, their near-obsessive need for top performance can often over-ride their perceived need for cybersecurity.

Gamers will actively choose to turn off their cyber protection to ensure their gameplay is not hindered. The industry needs to help gamers to dodge the onslaught of cyberattacks aimed at them. BullGuard has already addressed this problem by designing BullGuard Game Booster, a feature of BullGuard Internet Security, which actually boosts system performance for gamers while protecting them. And the Channel could indeed capitalise on promoting such products, given the urgent need for cyber protection in an industry that is just to going to keep growing and growing.

Read the latest edition of PCR’s monthly magazine below:

Like this content? Sign up for the free PCR Daily Digest email service to get the latest tech news straight to your inbox. You can also follow PCR on Twitter and Facebook.

Check Also

Weak passwords leave companies open to cyber attacks

A study of 1,247 workplaces, by cybersecurity experts VPNoverview.com, found that two-thirds of businesses (66%) leave …