SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Research shows attacks on the gaming industry are getting worse
Mon, 8th Aug 2022
FYI, this story is more than a year old

Web application attacks in the gaming sector have grown by 167% from Q1 2021 to Q1 2022, according to new research from Akamai.

The company's State of the Internet report has revealed that with gaming companies continuing to migrate operations to cloud, there are significant security gaps for left attacks and breaches.

The United States was found to be the main target of attackers (where a large majority of developers are based), followed by Switzerland, India, Japan, the United Kingdom and other nations throughout Europe and Asia.

Problems are also predominantly stemming from the use of microtransactions - prevalent in the gaming industry -  where cyber criminals can capitalise on the spending power of gamers without drawing attention to themselves.

It was revealed that the microtransaction market is reportedly expected to reach over 100 billion by 2026, creating a massive target for attackers. The report also found that the gaming industry is targeted for 37% of all DDoS attacks, even more than that of the financial sector, which stood at 22%.

Akamai's senior strategist, media - entertainment industries Jonathan Singer says the gaming industry is becoming one of the most accessible areas for cyber attacks to take place, and he affirms that threat actors are disrupting live services and co-opting credentials in ways that cause serious harm.

"As gaming activity has increased and evolved, so has the value of disrupting it through cyber attacks," he says.

"Cyber criminals typically disrupt live services and co-opt credentials to steal gaming assets. Also, with the industry's expansion into cloud gaming, new threat surfaces have opened up for attackers by bringing in new players who are prime targets for bad actors. Our latest report, Gaming Respawned, looks at why and how the gaming industry has become such a worldwide target that attracts cyber criminals, cheaters and money launderers."

The top three web application attacks were discovered to be LFI (38%), SQLi (34%), and XSS (24%). Web application and API attacks represented the largest category of attacks overall, and they have increased significantly in volume.

And streaming has also seen a significant increase, adding to even more opportunities for risk and threat. According to a study by Streamlabs and Stream Hatchet, Twitch saw an 83% year-on-year increase in viewership when the pandemic hit. Cross-platform progression has also meant people are playing more games on more devices and therefore exposing themselves to further risk.

"Cybercriminals know there is value in gaming, and they will continue to invent ways of getting it or exploiting the flow of virtual funds," the report says.