Gaming Industry Faced Highest Growth in Cyberattacks During Pandemic: Akamai

Akamai Technologies, has released research showing that cyberattack traffic targeting the video game industry grew more than any other industry during the COVID-19 pandemic.

According to Akamai’s new State of the Internet / Security report, Gaming in a Pandemic, the video game industry suffered more than 240 million web application attacks in 2020, a 340% increase over 2019.

Mobile games incorporating in-app purchases are also subject to a consistent barrage of attacks, according to the Akamai report. Criminals are seeking any opportunity to exploit players who spend real money on virtual, in-game items like skins, character enhancements and additional levels.

The report highlights a recent example in which bad actors used a phishing kit to steal player email addresses, passwords, login details, and geolocation information that they subsequently sold on criminal markets.

“Criminals are relentless, and we have the data to show it,” said Steve Ragan, Akamai security researcher and author of the State of the Internet / Security report. “We’re observing a remarkable persistence in video game industry defenses being tested on a daily – and often hourly – basis by criminals probing for vulnerabilities through which to breach servers and expose information. We’re also seeing numerous group chats forming on popular social networks that are dedicated to sharing attack techniques and best practices.”

SQL injection (SQLi), which targets player login credentials and personal information, was the top web application attack vector in 2020, representing 59% of all attacks Akamai observed against the gaming industry. That was followed by local file inclusion (LFI) attacks at 24%, which target sensitive details within applications and services that can further compromise game servers and accounts. Cross-site scripting (XSS) and remote file inclusion (RFI) attacks accounted for 8% and 7% of observed attacks, respectively.

The video game industry suffered nearly 11 billion credential stuffing attacks in 2020, marking a 224% increase over the previous year. The attacks were steady and large, taking place at a rate of millions per day, with two days seeing spikes of more than 100 million. Second only to phishing in popularity of account takeover attacks, credential stuffing attacks were so common in 2020 that bulk lists of stolen usernames and passwords were available for as little as $5 on illicit websites.

“Recycling and using simple passwords make credential stuffing such a constant problem and effective tool for criminals,” Ragan said. “A successful attack against one account can compromise any other account where the same username and password combination is being used. Using tools like password managers and opting into multi-factor authentication wherever possible can help eliminate recycling and make it far more difficult for bad actors to execute successful attacks.”

ChannelDrive Bureauhttp://www.channeldrive.in
ChannelDrive Bureau covers the latest developments in the space of ICT, technology, solutions and implementations and delivers content focused around solution providers, system integrators, distributors and technology partner community in India. ChannelDrive Bureau is headed by Zia Askari. He can be reached at ziaaskari@channeldrive.in

Recent Articles

UK public demands more online gov services after lockdown: Infosys

The pandemic has significantly changed how UK residents engage with online public sector services according to new research from Infosys, a global enabler in...

Piraeus Bank Picks Accenture, Microsoft to Embrace Cloud Transformation

Piraeus Bank is collaborating with Accenture and Microsoft to accelerate its digital transformation, leveraging a cloud-first approach. The shared ambition of this initiative is...

KPMG and ServiceNow Expand Alliance

KPMG and ServiceNow announced an expansion to their alliance relationship to deliver environmental, social, and governance (ESG) focused solutions and services that extend KPMG...

TCS Sustainathon Drives Inclusive Education Solutions in ASEAN

Tata Consultancy Services (TCS), a global IT services, consulting, and business solutions organization, announced the launch of TCS Sustainathon ASEAN 2021, a problem-solving competition...

Blume Global runs logistics platform natively on Google Cloud

Blume Global, the provider of supply chain execution and visibility solutions, is proud to be the first to deliver logistics execution and supply chain...

Related Stories

Stay on op - Get the daily news in your inbox