A person sitting on a gaming chair with big headphones playing a PC game

Is Gaming the Next Big Target for Cybercriminals?

The global gaming market is estimated to be worth $256.97 billion by 2025 and, right now, there are more than 2.5 million gamers across the world. With a target that big, it’s no wonder that cybercriminals are so enticed. At C6A, we talk a lot about everyday security risks for users, at work, on your home laptop, and even on your phone wherever you take it with you. But even your leisure activities could be impacted by a cyber attack; your gaming consoles are just as vulnerable as all your other devices.

Think about it, you’re still putting in passwords, payment information, location information, and more just by logging in and buying or playing a game online. Of course, video games weren’t originally dependent on being attached to a network, but now most systems and games definitely are. As online gaming continues to rise in popularity, it’s about time we focus on this significant sector in the cybersecurity world: the gaming industry.

The Gaming Landscape for Cybercriminals

Barely two weeks ago, CapCom revealed that its personal data breach impacted almost 400,000 of its users. In the scope of large data breaches, that may not seem like much. However, the event is a concerning sign that as gaming continues to be a massive source of entertainment for all sorts of people across the globe, those accounts, consoles, and software are also vulnerabilities.

Boris Cipot, a senior sales engineer for Synopsys, says that because gamer accounts often include player payment information it makes them an attractive target for criminal interference: “The gaming industry is a common target for attacks, be it data theft or ransomware attacks,” Cipot says. “An interesting observation within the gaming industry is that player accounts are often high-value assets due to in-app purchases, or rewards from leveling up. In other words, gaming accounts are often seen as items for sale — at least accounts owned by adults spending money.”

Even seemingly “innocent” games are not safe from interference. Around the same time as the recent CapCom breach, it was revealed that Animal Jam—a popular educational kids game for children—had also been hacked. This discovery was made not through finding the breach internally but rather when 7 million records just happened to “turn up” on an underground forum used by malicious agents to buy and sell stolen data. The breach itself was later found to be due to a vendor server being compromised, though Animal Jam would not release the name of the vendor in question.

WildWorks, the parent company of Animal Jam, has been lauded in tech and cybersecurity communities as taking a refreshingly transparent approach to the breach—helping their customers feel reassured of their security and taking actions necessary to lessen the impact of the cyberattack. Thankfully, no information about the children’s names was released and only 0.02% of the data was related to personal address or payment information.

However, this event should definitely raise some red flags for gamers. When it comes to cyberattacks, anyone is fair game, even a children’s game. Thankfully, companies like CapCom and WildWorks are hard at working hiring cybersecurity professionals that can better root out potential vulnerabilities and stop these breaches from occurring before their user’s data ends up for sale to the highest bidder.

What Gamers Have Got To Know

With larger breaches, like the CapCom and WildWorks examples above, we have to trust in the cybersecurity and integrity of these companies to take care of their users in the case of a breach. That said, there are absolutely some methods that can help gamers feel more secure in their online gaming experience.

Cyberattacks on gamers often go one of a few ways. Occasionally, a hacker will personal ransom a user’s account in exchange for payment. This is especially true for games like World of Warcraft where players spend tons of time and money upgrading their character. You can understand why someone might want back access to that at all costs! Other cyberattackers may be more interested in phishing for your payment information (or your password in order to access your payment information). Then there’s always the chance of an attacker trying to get gamers to download potential malware as well.

Suffice to say, there’s plenty of ways to go wrong but just as many ways to protect yourself! The first step is being prepared. The second step is to stop using the same password for all of your accounts! Yes, that genuinely can make a huge difference to your cybersecurity—whether or not you’re a gamer. According to Avast, “55% of gamers reuse passwords across accounts; and the average gamer has experienced almost five cyberattacks.” 

The next best thing for a cybersecurity-conscious PC gamer to do is to install anti-virus software. Although some gamers are reluctant to download an application that might slow down their computer’s performance while gaming, there are plenty of options that specifically have a “game mode” that will allow you to keep your computer safe without negatively impacting your playing experience. Performance shouldn’t have to suffer for the sake of cybersecurity!

Above all else, being aware of your cybersecurity risk as a gamer is the most important step of all, so you’re well on your way to a safe and secure gaming experience just by reading this article!