Online gaming has experienced a massive boom during the global pandemic, as people have turned to it in record numbers as a form of escapism, entertainment, and social interaction during government-imposed lockdowns. Experts are predicting the gaming business globally will be worth US $200 billion by the end of 2023, making it one of the fastest-growing industries on the planet.
However, with this expansion, the risks have also increased because hackers and cybercriminals are viewing this growing market as an opportunity for illicit gain and the chance to create havoc.
This is particularly the case with Mass Multi-Player Games (MMO) where coordinated attacks can take entire games offline, and cause substantial economic damage.
For example, it has been estimated that if Fortnite were to suffer an outage, then it could lose the US $400,000 per hour based on current revenue projections.
In part, the gaming companies themselves are to blame for the current increase in cyberattacks. In attempting to serve their rapidly growing customer base, they scaled up too fast in terms of new systems and networks, without paying adequate attention to cybersecurity.
And the migration to cloud-based platforms has exacerbated the problem, in part because users fail up to understand that they have a shared responsibility for the protection of customers’ data.
The gaming industry has been plagued by cyber-attacks, with almost a billion a month according to recent reports.
Gamers are a vulnerable group because few have security in mind when online, making them easy targets for cybercriminals who pose as fellow enthusiasts, gaining access to their computers and valuable personal data.
The gaming industry is the repository of vast amounts of personal data which it holds on users, as well as their credit card and other payment details, all of which it must protect.
The impact of a customer data breach can be far-reaching as can be seen from other industries, causing significant financial and reputational damage.
For example, a sustained cyber attack on Yahoo between 2013 -2014 is thought to have compromised the details of 3 billion user accounts, revealing their real names, addresses, dates of birth, and telephone numbers. It is estimated that the data breaches knocked the US $350 million off the value of the company.
Similarly, British Airways and Marriott Hotels were each fined over US 4100 m each for failing to adhere to their responsibilities under the EU’s GDPR (General Data Protection Regulations).
And to prove how exposed gaming companies are, then there is the example of Zynga, one of the biggest players in mobile gaming with millions of users worldwide.
In September 2018, a hacker based in Pakistan claimed to have gained illegal access to several of their #databases and the 218 million accounts wh8ich were registered there. The company later admitted that email addresses hashed passwords, phone numbers, and user IDs for both Zynga and Facebook accounts had been stolen.
Of course, gaming companies are not alone in facing such challenges, Online casinos, which have also boomed during a lockdown, are also, theoretically, vulnerable to hackers. The difference in their case is that reputable operators normally adhere to the licensing conditions of a reputable gambling authority. It is a prerequisite that their systems incorporate the best cybersecurity measures to prioritize the safety of players and their data.
This winnerama review illustrates such a regulated operator.
Perhaps the greatest danger to companies from a cyber-attack is the loss of customer trust. Dedicated gamers devote valuable time and money to creating an online identity, and expect the protection of this to be a priority.
And even if games do not pay out real money, virtual assets like loot boxes in online games can be exchanged with other players in exchange for cash. If this trust is undermined, then customers will simply vote with their fingers and choose an alternate game provider.
Of course, cybersecurity is a two-way process, and whilst the gaming companies should and must do more to protect the users, there also steps that gamers can make to protect themselves and their devices whilst playing online.
They include securing their accounts with a strong password, where possible enabling two-factor authentication, and avoid using a common password that they use elsewhere.
Also, they should never share login details with others and always remember to log out when they have finsi9hed a particular session.
Other measures that can be taken include refusing to engage with anybody online that asks for too much personal information or detail, and not reacting to trolls. Instead, they should report their behavior to a moderator or game support team.
And then there the actions that fall under general online etiquette not just for gamers, but any online user. They include not clicking on suspicious links, or downloads, avoid playing on public Wi-Fi, and keeping software and anti-virus protection, up to date.
Cybersecurity on game platforms is a problem that is only likely to get bigger as the industry continues to expand, Undoubtedly the operators need to be doing more in this respect, but gamers also have a responsibility to take some basic measures to keep themselves, and their data, safe.