Iain Chidgey, VP EMEA for Sumo Logic, talks to PCR about using data to keep customers secure against attacks, and what that means in practice.
Sumo Logic is a cloud security provider that works with a lot of big game companies around how they keep their customers and their data secure. Here Iain Chidgey, VP EMEA for Sumo Logic looks at player data – who is doing what, and what is normal activity? Finding bad patterns – spotting account hacks and attacks on customer accounts and Spotting issues in-game – like bad behaviour that spoils others’ games with hacks.
How big is the issue around security and gaming?
The gaming industry is massive today. According to IDC, the video game market is up by 20 percent to $179.7 billion in revenues during 2020, which means it has revenues higher than the music and film industries. Any industry attracting this level of spend will also see those that want to get their unfair share of that revenue through theft. At the same time, gaming has its own approach to monetisation that makes customers attractive targets.
For gamers, what are the big challenges today?
There are several categories of risks – some are more worrying than others. At the serious end, account hijacking is an issue as people spend real-world money on game items or currency. There have been examples of accounts getting stolen through bad passwords or social engineering attacks, which has led to financial loss. For example, if you have a valuable and rare item attached to your account in the game, stealing that account and gifting the item on for someone else to sell is a risk.
Another risk is that game accounts can have your bank account linked to your game identity. If someone gets access to your account then they can try to use that to buy and gift currency. This can lead to racking up serious bills if you don’t notice it quickly.
Lastly, there is the issue of personal safety. People can chat in-game and they can share details on themselves, such as where they live and their names. This is not advisable for kids to do, and hosting this kind of information on gaming channels is a risk for the game company too.
There are some simple rules for gamers to follow around keeping themselves safe online, and they apply in-game as well – don’t use simple passwords, don’t share your real name in game sessions or chat with people that you don’t know in real life, and apply strong authentication if the game supports it. If the game supports it, then definitely take advantage of features like two factor authentication around your account.
There’s also a future element here around how we educate our children around security, so they understand the need for two-factor authentication and how to use it. Gaming companies have a social responsibility to protect children and help parents protect them.
What other problems do gamers face?
There are attacks that try to exploit the game through finding loopholes in the game logic. These are annoying for other players but they are not a risk. Another alternative is to implement additional software and put in a cheat. An example of this would include bots that can automate responses for you and make you a better player than others. This is less risky for other players, but it does affect other players negatively. If there are enough opportunities for cheating where people try to get any advantage they can, it can affect the success of the game. If people are not having fun due to cheats, then they won’t keep playing – and paying for – the game.
How about gaming companies – are their problems the same?
For gaming companies, there are more threats to consider. Alongside nuisances and cheats, there will be attacks on individual accounts and there will be attempts to compromise the infrastructure for the game as a whole. Attackers will attempt to get access to financial data and bank account details, but rather than looking at single customer accounts they will target all your customers.
These attacks may also go after game code and assets like intellectual property. This is valuable, and it all needs to be properly backed up and protected. A recent example of this is CD Projekt Red, where hackers got into their development systems, then used ransomware to encrypt code and demanded money to unlock these files. The company had a good backup system in place, so they were able to respond effectively.
How do companies find these problems in the first place?
Finding security problems in your infrastructure involves knowing what normally happens across your applications and services, then looking out for odd patterns and anomalies. All this data gets created continuously, so tracking these developments has to take place continuously as well. For example, you can find issues in player behaviour where people might be carrying out actions that would not normally be part of the game. This can show where there is a fault in the game that players are trying to exploit, and this can then be fixed during your next patch.
This same approach is what gets applied for security of cloud infrastructure or IT systems. The scale is much higher, so applying analytics and filtering is essential for game developers and publishers to keep up. For games today, cloud computing services are commonly used to host the application components and infrastructure like databases. Building up continuous intelligence around your gaming IT is necessary to keep up.
What challenges come up that customers don’t know about?
One issue that most people don’t think about is what happens to their data over time. For example, data on children is much more sensitive, so it has to be protected. If you do retain data for any length of time, then you will have to meet compliance requirements. The European Union’s General Data Protection Regulation (GDPR) has specific guidance on what to do around data on children, so any game provider should follow these rules.
Gaming companies have to take extra precautions around holding and storing personal data or anything identifiable that might link that account to a person in the real world. This includes how that data is processed and used within the game, as well as the support functions that might store customer information for other purposes like payment or account management. They all have to be protected.
Are there any other issues around eSports to think about from a security perspective?
eSports is growing rapidly. According to Perforce’s research report The State of Game Development Report 2020 & Beyond, the eSports and online competitive gaming markets are expected to become a $1.8 million industry by 2022. This is partially due to the impact of COVID-19.
The potential issue for eSports companies is the same as any media company – there will be those that want to get access for free if the service is paid, or to exploit the content for their use. When you have thousands or millions of people watching, you have to care about things like quality of service and scaling up, and that infrastructure has to be secure too. Another common issue would be Distributed Denial of Service – this would stop services from being available due to the sheer amount of traffic sent at a site. Protecting against traffic spikes is essential while you have that many people that want to watch live.
Streaming video sites have to protect their infrastructure and applications in the same way as gaming companies. This involves looking at any apps used to access the videos, the platforms they are on, and the web applications and browsers used. All these components have to be secure.
How might cloud gaming approaches help in the future?
Cloud gaming is an interesting one – it would remove the need for people to buy dedicated consoles every year and make those games available on demand. From a customer perspective, that can be good if the cost is lower than buying machines and games. According to the Perforce report, streaming games from the cloud will grow the most in this decade according to developers, with 42 percent of those surveyed thinking that cloud and streaming gaming will be the biggest opportunity. However, the availability of broadband and the latency side are still things that need more work.
From a security perspective, streaming the game experience to the player makes things easier. All the game components exist in the cloud, so there is more control over the infrastructure side as all the user sees is what takes place in their window. That should reduce the potential for attacks on the games themselves with things like aimbots and the like, but it will put all the emphasis on how well the cloud gaming infrastructure is secured.
Read the latest edition of PCR’s monthly magazine below: