Akamai: COVID-19 Lockdowns Saw Spike in Gaming Cyberattacks
The recent pandemic lockdowns had an unexpected consequence: an uptick in attack traffic against both video game companies and players.
That’s according to a new report from Akamai, which saw nearly 10 billion credential stuffing, along with 152 million web application attacks, between 2018-2020, with a notable spike in credential stuffing activity when isolation protocols were instituted around the world.
“The fine line between virtual fighting and real world attacks is gone,” said Steve Ragan, Akamai security researcher and author of Akamai’s state of the internet security report: “Gaming: You Can’t Solo Security.” “Criminals are launching relentless waves of attacks against games and players alike in order to compromise accounts, steal and profit from personal information and in-game assets, and gain competitive advantages. It’s vital that gamers, game publishers, and game services work in concert to combat these malicious activities through a combination of technology, vigilance, and good security hygiene.”
Criminals took advantage of the pandemic, with constant testing of credentials from old data breaches, in attempts to compromise new accounts using existing username and password combos, the report found. The report also detailed another threat gamers and companies alike need to continue watching out for: phishing, with bad actors creating “legitimate-looking websites related to a game or gaming platform with the goal of tricking players into revealing their login credentials.”
A “significant majority” of web application attacks the report monitored revolved around SQL injection (SQLi), which look to exploit user login credentials, personal data and more stored in a targeted server’s database.
Though gamers often report a hack, a survey conducted by Akamai with eSports and event producer DreamHack found that while 55 percent of respondents who identify as “frequent players” said they’ve been compromised, only 20 percent said they were worried about the implications.
“Gaming has always brought communities together, so all of us at DreamHack want to ensure our valued communities of fans and players are protected from cyberattacks of this nature,” said DreamHack chief strategy officer Tomas Lykedal. “These findings are important so everyone involved can also help ensure that, together, we are doing all we can to protect privacy and personal information when engaging on these world stages and global platforms.”
To access the report, click here.