In today’s all-tech world, any organization can be susceptible to cyberattacks. But some have proved to be vulnerable over the past year as the pandemic has wreaked havoc with the traditional work environment. A report from BlackCloak reveals how cybercriminals have been targeting the gaming industry and key executives.
Citing BlackCloak’s report, the C-suite executives were 12 times more likely to be targeted by cybercriminals than other employees. What’s more, 71% of attacks against these executives were financially driven as malicious intenders sought to earn more money by deploying ransomware, selling intellectual property or personal data.
Analyzing some of the top 20 video game companies in the world, the research team also found that C-suite executives were the most targeted in attacks that occurred in 2020. The team also indicated a few reasons to explain this trend.
Online gaming platforms are the target partly because they don’t abide by the same cybersecurity requirements and regulatory policies as do other organizations that must protect user data. For instance, a video game startup may not employ the same security protocols as would a bank or a hospital.
Gamers tend to reuse the same password across different platforms. Cybercriminals who access user’s login credentials can then launch all sorts of attacks against the gaming platforms. Even so, many video game players like to “hack” the games they play to gain an advantage over their fellow players. Online players, many excited by the thrill of hacking, may take the next step and try to hack the platform’s network.
BlackCloak also revealed a number of vulnerabilities in the credentials used by the C-suite executive at video game platforms. 98% of the passwords analyzed were located in clear text on the Dark Web. Amongst these, 68% of the passwords were linked with the executive’s personal email address. What’s more, 34% of the executives recycled passwords or used the same password with a slight modification on multiple accounts.
Another research from April 2020 found that the daily number of blocked efforts to direct players to malicious gaming-themed sites surged by 54%, compared to January 2020. In the same month, the number of blocked attempts to force players onto phishing pages for one of the most popular gaming platforms also reached a whopping 40% compared to February 2020.
According to Techrobot, mainstream first-person shooters like CS: GO have long been a worthy exploit through bugs that acquire private information from anyone who accepted a Steam invitation. Minecraft and The Witcher 3 were also titles most often used by cybercriminals in their quest for valuable credentials. Security experts said the hackers used the promise of cheats to lure negligent players into clicking malicious links.
The past few months have shown that online gamers are highly susceptible to falling for clicking on malicious links or falling for phishing attacks when it comes to online games – whether they’re eager for a chat will help them beat the game or looking to find pirated game versions.
Security experts recommend at-home players who play and work on the same machine to be especially wary of cyber threats.
Gaming Cheats – A gateway to hacking
There is a great chance that many of today’s bad actors were introduced to hacking through altering video games. It’s possible that many ethical hackers, such as ransomware or bug bounty hunters, “entered the game” the same way.
Topiary, a superstar among hackers and an associate in the internet group Anonymous – now promotes ethical hacking in schools and elsewhere. Topiary has modified games, the same ones that got him hooked into this craft. The problem here is that governments increasingly see gaming as a major threat – as a route to hacking. Of course, this gaming path doesn’t always lead to hacker life, but if you ask a programmer or someone into the tech world where they started, game modification is one of them.
But for the less curious gaming audience, in order to enjoy a safer and more enjoyable online gaming experience, they must follow rigorous, if not casual, cybersecurity protocols to protect themselves. Therefore, they’ll need to:
Secure gaming and store accounts
For online stores and gaming platforms that store personal data and financial data, gamers will need to:
- Secure their accounts with an actually strong password
- Set the two-factor authentication where possible
- Avoid recycling passwords
- Never share login information with other
- Remember the logout
Keep Personal Data Private
Gamers should be wary of revealing or oversharing credentials when playing online. They must keep their personal information as private as possible when playing with others, especially unknown players. This can help minimize the risk of harassment, abuse, or stalking and even identify phishing attempts and identify theft.
Don’t Promote Bad Behaviour or Trolls
Players who value their safety must not engage with players who are harassing or abusive – it’s that simple. The more someone reacts, the more likely it is that they will continue. Instead, players should report such behaviours to the game developer or the support teams. They can also provide documentation so that proper actions can be taken fast and without too much hassle.
Purchase from Trusted Online Platforms
Wary gaming enthusiasts know that purchasing from well-established and trusted gaming platforms will immediately reduce the risk of falling prey to viruses, ransomware threats and other scammers.
There are multiple safe and trusted options for almost every device:
- iPhone and iPad users should stick to the Apple store.
- Android users should use only Google play and avoid sideloading.
- Mac and Windows users should use their own app store as well as a reliable online store like Humble Bundle or Origin.
- Console users should purchase and download digital copies online through the console producer’s online stores.
Before you go, remember that no company representative or customer support for a game you play will ever require financial or personal or authenticator codes for you to use your account. In case you receive such a request, it’s a clear signal that someone is targeting you.
