The US is the number one target for cyber-attacks on the gaming sector, with incidents up 167% in the past year and DDoS and ransomware attacks among the main problems facing the industry...
A new report by cybersecurity firm Akamai, titled Gaming Respawned, reveals that the US leads the field in such attacks, followed by Switzerland, India, Japan, and the United Kingdom.
Akamai’s latest State of the Internet (SOTI) report states that, “Cyber-criminals know there is value in gaming, and they will continue to invent ways of getting it or exploiting the flow of virtual funds.”
They add: “Cyberattacks on player accounts and gaming companies increased dramatically in the past year,” with the 167% increase focused mainly on web application and API attacks.
The top three web application attacks were:
- LFI, Local File Inclusion attacks, where attackers trick a web application into running or exposing files on a web server, accounting for 38% of attacks,
- SQLi, a code “injection” which gains unauthorized access to a web application database by adding a string of malicious code to a database query, responsible for 34% of all attacks, and
- XSS, Cross-Site Scripting, another type of injection attack, in which malicious scripts are injected into otherwise benign and trusted websites, at 24%.
“As gaming activity has increased and evolved, so has the value of disrupting it through cyber-attacks,” states Jonathan Singer, Akamai's senior strategist for the media and entertainment industries.
He adds: “Cyber-criminals typically disrupt live services and co-opt credentials to steal gaming assets. Also, with the industry’s expansion into cloud gaming, new threat surfaces have opened up for attackers by bringing in new players who are prime targets for bad actors.”
DDoS attacks, or Distributed Denial-of-Service, are one of the main threats against the gaming industry, up 5% year-on-year and accounting for 37% of all attacks worldwide.
A DDoS attack is described by CloudFlare as “a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic."
GGPoker suffered a major DDoS attack on the opening day of their 2020 Online WSOP, with two separate attacks. The first saw client loading times affected, along with cash game hand dealing, Spin & Gold table loading, tournament registration and tournament table loading, with the second attack causing disconnection issues.
ACR were also victims of cyberattacks in 2018, with their Million Dollar Sunday event cancelled because of ransomware issues, with an ACR statement reading:
“In many instances, these attacks are motivated by financial gain where the attacker asks for a ransom for the attacks to stop. However, it’s our policy to never pay ransom regardless of the cost, as we will never give in to cyber-terrorism.”
Outside of poker, last year saw a massive data breach at gaming giant Electronic Arts (EA), which included game source code and tools for several popular games. Cyber-criminals advertised a total of 780GB of data for sale on underground hacking forums.
Last year also saw a string of six tribal-owned casinos in Oklahoma hit by a ransomware attack, the Lucky Star Casino brand admitting they had, “unfortunately joined the growing list of government agencies, businesses, and other casinos to be hit by a ransomware attack.”