Gaming Industry An Attractive Target For Cybercriminals
The gaming industry, in general, is aware that attempts to login and other forms credential abuse is a problem. But maybe not as aware that they should be.
According to a new Akamai report, hackers are using new methods to evade detection. Many organizations do not follow the scope and complexity of the problem of identity theft.
The State of the Internet Report: The Company’s 2019 Web Gambling and Gambling Abuse Web Sites, published at the annual Akamai Edge World event, revealed that hackers had made more than 12 billion attacks in gaming site between late 2017 and March of this year, qualifying the gamer community as one of the most aggressive targets for these attacks and one of the most lucrative for cybercriminals.
In total, gambling sites accounted for more attacks aimed at obtaining identification information in all sectors during the investigation period by Akamai.
“One reason that we believe the gaming industry is an attractive target for hackers is that criminals can easily exchange in-game items for profit,” said Martin McKeay, security researcher for Akamai and editorial director of the report. “Furthermore, gamers are a niche demographic known for spending money, so their financial status is also a tempting target.”
The Akamai report also pointed out that SQL injection attacks (SQLi) accounted for about two-thirds of all Web application attacks, while Local File Inclusion (LFI) attacks accounted for about a quarter.
The report points out that most credential stuffing lists circulate online usage data from well-known large-scale data breaches, and that many of them are rooted in SQLi.
An Akamai press release says its researchers have discovered a video explaining to users how to perform SQLi attacks against websites and using the credentials obtained to generate lists that can be used for the credential stuffing against online games.
“As gaming companies continue to innovate and improve their defenses, they must also continue to educate their consumers on how to protect themselves and defend themselves. Many players are young and if they learn best practices to protect their accounts, they will incorporate them for the rest of their lives,” McKeay said.
The Akamai report shows that more than two-thirds of application layer attacks are directed against US-based organizations, and Russia and Canada occupy positions No. 1 and No. 2 for the gambling sector, in terms of sources of attack. “Attackers see the credential abuse as a low-risk venture with a potential for a high payout, at least for now,” Akamai’s report reads. “
The report notes that hackers tend to give more value to compromised accounts related to valid credit cards and other financial links. Once these accounts are compromised, they will buy additional items, including the currencies used in the games.
These types of attacks are more likely to increase in the future. As with many other types of attacks, the important thing is that a user should keep in mind that attacks occur so that you can find ways to defend your business against them.
Julia Sowells870 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.