By Chris Thomas –
Video and mobile gaming are great ways for people to pass the time, forget about their worries, and show off their skills to other competitors. It’s also becoming an increasingly profitable industry in the Southeast Asian region, according to a Niko Partners report, which predicts that revenue generated by both PC and mobile games will grow from USD5.8 billion in 2023 to USD7.2 billion by 2027. Singapore’s gaming industry itself has the second-fastest growing revenue rate in Southeast Asia at 8.2 percent as of 2023, trailing behind Indonesia.
However, these positive developments can attract opportunistic cyberattackers looking to cause as much damage as possible, as noted by the recent high-profile breach at Rockstar. In particular, the increasing popularity of e-sports competitions, which is one of the primary drivers of the region’s gaming industry growth, allows hacktivists to draw the public’s attention to social and political causes. Furthermore, increased funding from local governments and global gaming companies in a fast-growing region can also attract profit-driven cybercriminals looking to fuel their operations or simply enrich themselves.
The onus is on gaming companies to safeguard players’ experiences and the systems that power them. Otherwise, companies will struggle to maintain both their player base and their survivability. To achieve this, gaming companies need to adopt a network security approach that leverages advanced threat detection measures and works with other solutions to deliver a coordinated response.
Gaming studios vs. cyberattacks
Games with large player bases contain a treasure trove of sensitive information that attackers can use to blackmail their victims or impersonate other people. Stolen credentials can also be used to initiate account takeover attacks. Once the account is hijacked, the attacker can then sell these accounts, as well as the virtual items and in-game currency contained within, on the black market.
Cheats and modding tactics are also another threat that gaming companies have to face, as there are players who refuse to follow the intended gameplay rules and mechanics and instead gain every unfair advantage possible to win. This is even more so during online competitive events with big prize money involved. One such tactic cheaters use is distributed denial-of-service (DDoS) attacks, which can disrupt an opponent’s connection to a server and prevent losses by forcing their opponents to disconnect.
Finally, attackers can also use vulnerable web applications and APIs as entry points to breach the system. With remote code execution like Log4Shell and Oracle and ThinkPad bugs, organisations can gain control of gaming services, making it easier for them to modify or disrupt gaming features. Furthermore, attackers can use shadow APIs that are not maintained by IT teams to gain access to user passwords or bank account numbers.
Rule the game with network security
For gaming companies to stay one step ahead of cyberattacks and keep their games up and running, they need to focus their efforts on reinforcing network security. To that end, gaming companies need the help of network detection and response (NDR) platforms designed to improve visibility over application performance and threats lurking in plain sight.
These capabilities were what motivated South Korean-based gaming company NCSoft to integrate network detection and response (NDR) platform to safeguard their 4,000 employees against potential data leakages. In doing so, they gave developers and technicians more space to focus on delivering new experiences.
Real-time traffic decryption empowered security teams with the means to reduce the number of blind spots they had to contend with. This feature was further enhanced by the platform’s cloud intelligence and AI functions, which allowed teams to scour network traffic for unsanctioned devices and applications. And with simplified deployment and management capabilities, NCSoft was able to set up sophisticated threat hunting functions quickly for its entire global operations.
Gaming can be a fun and exciting hobby for people, but it can also be a nightmare if their accounts and information are compromised by a cyberattack. By including NDR in their security arsenal, gaming companies can protect their player base and deliver enjoyable experiences. Furthermore, stakeholders will be encouraged to increase their investments, allowing gaming companies to continue developing new games and features to keep their players engaged in the long run.
Chris Thomas, Senior Security Advisor, APJ at ExtraHop