As a lifelong gamer, the recent attacks against Capcom, Ubisoft and Crytek caught my attention. Though these attacks may simply be the result of highly effective malware impacting many industries and operations, it’s more likely that this is in direct response to how massive this industry has truly become.
With their sheer level of consumer reach, the large publisher and development houses are being looked at as potential sources of opportunity to globally affect millions of users and their devices at scale. Of course, as with other attacks against industries developing competitive intellectual property, bad actors are very aware that the potential for ransom-based revenue is high. The cost and overall resource investment into the development of beloved cross platform AAA video games is significant, to say the least.
The video game industry’s 2020 revenue is expected to hit at least $159 billion and surpass $200 billion in 2023. The number of gamers around the world is now estimated to be 2.7 billion. These are material numbers. Compromising an environment with secret projects, released and unreleased game code and assets, and the infrastructure involved in distributing software globally at scale could be very lucrative for a bad actor.
Gamers should take note that these attacks are also directly focused on gamers, as a massive community. Our personal information is being targeted. Whether or not we realize it, we are asked to share a reasonable amount of personal information with the brands we support. In opposition to decade-long passwords used to access one gaming service. We are being enticed to click on malicious ads using stolen, legitimate assets from trusted brands. Just as with ads, malicious email campaigns using content from trusted brands can be equally as convincing. Though less common, there’s still the risk that a game or software used to distribute the game could be compromised and used to affect our systems.
While games purchased through legitimate channels are less likely to be impacted, games obtained through illegitimate channels are far more likely to include something malicious. Local legalities aside, it can be tempting to download unreleased software that was stolen through such an attack, this can be a dangerous action (don’t download unreleased software or trainers).
Bad actors that went out of their way to steal content from a AAA game publisher know how desirable this content may be and that thousands will likely attempt to download the content. Bolting malicious content alongside an unreleased game, posted to torrents and the like is a sure fire way to rapidly distribute your malware. The same applies to trainer or cheat apps in general. They may work, but are highly likely to lead to your system being compromised.
Downloading an unreleased game from a torrent, newsgroup, or similar is still unsafe; more so than ever. Cheat apps and trainers may work, but are often also designed to compromise gaming PCs. Accounts with rare in-game items that can be auctioned online are at risk of being compromised; the items are looked at as digital currency. Both the PS5 and Xbox Series X now released in some regions and soon to release in most regions globally and the recently released gaming PC components (video cards) were sold out in minutes.
Six things to consider to stay safe while gaming
Applying these best practices in general when using any online service will keep you safer. When considering the recent attacks, it would appear that the time to apply these best practices is now, if you’ve not yet started.
Sign up to receive the latest news