Subscribe
  • Home
  • /
  • Computing
  • /
  • A new generation of hackers target the gaming industry

A new generation of hackers target the gaming industry


Johannesburg, 30 Sep 2016

Hackers love a crowd. That's true when it comes to social media networks, government system Web sites, financial institutions, retailers and, based on recent headlines, gaming sites too.

For an industry that is projected to be worth about R1.4 trillion in 2016, gaming offers a lucrative industry for cyber criminals. "Last year, gaming accounted for one in every 50 e-commerce fraud transactions, a number that will only continue to grow alongside the industry itself," highlights Heidi Bleau, principal integrated marketing manager at RSA, The Security Division of EMC.

It was reported that Warframe and, separately, the game "Clash of Kings" were separately compromised by attacks that left more than 2.3 million users vulnerable to data and, presumably, identity theft. "While the reasons for the hackers' success is speculative, mostly attributed to security vulnerabilities, the larger issues behind the compromises loom large," continues Bleau. "Then we can't forget the wave of fake Pokemon Go apps designed to spy on mobile users' activity, including eavesdropping on phone calls and intercepting SMS messages."

Bleau says earlier this year, a wave of similar attacks against Steam, a leading digital entertainment distribution platform for many in the gaming community looking to expand their libraries, was breached. "The malware, whom many believe originated in Russia, was implemented to gain unlawful access to Steam accounts. These accounts, stolen through an exploit, became available on the Dark Web starting at around R43."

Then there are "gambling" gaming sites which are the pure moneymakers for cyber criminals looking to cash out stolen credit cards, shut down the Web site with ransomware, or simply cheat to win.

Fault lines among developers and gamers

There is a wide divergence of opinions on why these attacks are so successful. It is, however, both a developer and a user problem. Many developers fail to take proper precautions and apply security best practices during the application development process.

"With quick dev cycle turnarounds expected, especially with gamers looking for the latest updates, it is not unheard of to see security take the back seat to user experience. This leaves many apps exposed with flaws that could potentially expose personal information," says Bleau.

"Then there are gamers (myself included) who are not always, shall I say, careful. Gamers object to anti-virus apps slowing down their machines or causing them to lose frame rate, which in turn leads them to disable anti-virus applications or remove them altogether. Gamers carelessly download 'free' versions of popular apps that are promoted as 'ad free' to avoid paying about R28 in fees, but instead potentially open up their devices to spyware, ransomware and other forms of malicious software. And then there are the permissions. What are we really authorising many of these apps to access on our device?" she asks.

Safe gaming guidance

Bleau lists the following simple precautions gamers can take to keep personal information safe from hackers:

Make sure the Web site you're on or the app you are downloading is the real deal. "This seems like a tip where you might shake your head and say, "Duh." But I can't tell you how many times I have seen my own friends download gaming apps touted as being the 'free' version of a popular app because they don't want to pay a couple of rands to remove the ads," she says.

Be suspicious. Bleau cautions to treat any in-game messaging from unknown users with suspicion. She adds: "We demand our kids not talk to strangers online. Take your own parental advice."

Read permissions carefully. "I am a reformed non-reader, I admit. When I started to actually read the permissions an app was requesting, it was quite alarming. I decline apps access about 90% of the time these days. Besides, I don't want to be one of those annoying Facebook friends that allows an app to post to my page every time I crush a piece of candy, filling the news feeds of my associates. My friends don't care that I answered a question in Trivia Crack correctly," comments Bleau.

Take advantage of two-factor authentication functionality, where available. It will uniformly protect you and your data from being compromised.

In other words, if you're a gamer, treat your virtual environment as you do your real one: with vigilance and without letting your in-game experience cloud your judgment or behaviour. Most importantly, stop being cheap. If you want to remove the ads, pay the rands.

Anton Jacobsz, MD at Networks Unlimited, a value-added distributor of RSA products in more than 20 African countries, says education in this regard is key to safeguarding individuals and their information. "The gaming community is pretty clued up on staying safe; however, as more gaming apps catch on in the region due to the proliferation of smartphones and other mobile devices on the continent, it is important to highlight the risks and keep players' data and money safe."

Share

RSA

RSA provides more than 30 000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats. With RSA's award-winning products, organisations effectively detect, investigate and respond to advanced attacks; confirm and manage identities; and ultimately reduce IP theft, fraud, and cyber crime. For more information, go to www.rsa.com.

Networks Unlimited

Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Fortinet, F5, Mellanox, ProLabs, Rackmount, Riverbed, RSA, Rubrik, SimpliVity and Tintri. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, WiFi, mobile and networking security, load balancing, data-centre-in-a-box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the sub-Saharan Africa market.

Networks Unlimited complies with the South African Broad-Based Black Economic Empowerment (B-BBEE) guidelines as a Level 4 Contributor.

Editorial contacts

Lynne McCarthy
Networks Unlimited
(+27) 011 202 8400
lynne@nu.co.za