The esports and videogame industries continue to reach new heights in popularity, with gamers popping up all over en masse. Not only are competitive online games the hot topic right now, but esports tournaments keep getting bigger. As do their prize pools. Unfortunately, this means that bad actors are becoming progressively interested in finding new ways to exploit people in this industry. Leading to the need for increased cybersecurity awareness – both for video game companies and gamers.
More and more money is getting pumped into online games through digital stores and microtransactions. As more credit card info make it onto client game servers and digital store databases, the risk increases.
Esports competitions are getting much bigger as well, with massive events and a large influx of sponsorships and advertisements. Which means more criminals are setting their sites on these platforms and developing new methods to get their hands on that “easy money.”
As things develop, the entire industry is going to see greater cybersecurity risks. These threats are multiplying fast and need to be addressed on a platform and individual scale.
Safety Needs to be Addressed in Esports
The inherent problem with safety around esports is that everything related to it is online, making everyone vulnerable to hackers. A good example of this is when hackers got into the E-Sports Entertainment Association League (ESEA) database in 2017. They held the details of more than 1.5 million user accounts at ransom for $100,000. If ESEA refused to pay, then they would release that data publicly.
The matchmaking service didn’t pay, instead urging their users to change their passwords while working to fix the security hole. Then, later on, their game server infrastructure was also breached, and hackers changed everyone’s karma rating to negative 1337. Which might not be a massive problem for some. But it was still a major disruption to many players who take part in the ESEA tournaments.
Besides that incident, there are many other potential security issues when it comes to esports tournaments. Everything is done online – from the games themselves to people voting and tuning in. Even the spectators at the events generally use public WiFi supplied by the host. All of those devices, and by extension, their owners, are vulnerable to attack.
Another major problem for esports is DDOS attacks. They continue to prevail despite organizers’ efforts to keep them at bay.
Digital Game Platforms Are Contributing to the Issue
Gamers will happily spend hundreds of bucks on in-game items, skins, and features, and developers are raking in the money. There’s a constant shift towards getting players to open up their wallets again and again, either through microtransactions or additional content. It’s become so big that the games industry is now estimated to be worth well over $135 billion and it’s still growing.
Yet that very same thing is what could get players in so much financial trouble. All of the digital game stores and launchers people buy games on these days are gathering and saving their data. If these platforms don’t consult with the best security professionals and apply advanced safety methods, then they’re putting everyone at risk.
Which is exactly what happened with the EA Origin Client last year. An independent security researcher discovered a bug. It allowed outsiders to gather user data through their auto-login URL system. This would then enable the hacker to hijack any account, regardless of the login password.
What made this bug even more worrying is that these auto-login URLs could easily have been harvested through public WiFi. Plenty of gamers connect to publishers’ launchers and websites during esports events or conventions for special news and loot. It could have been catastrophic if a large number of users had logged into their accounts during an event before the bug was fixed.
Fighting Back Against Cyberattacks
People should be careful with their banking details and preferably remove them from the store after purchasing anything. It might be a drag having to re-enter credit card details every time, but it’s safer that way.
Reusing any passwords is also a very bad idea. It opens people up to credential stuffing attacks. And finally, gamers need to be careful about what they do while connected to public WiFi at any convention or event. In this case, it’s a good idea to connect to a VPN first for an additional layer of security.
The gaming industry, especially esports, is vulnerable to its fair share of cyberattacks and data breaches.
Gamers need to be more aware of how they share their data and which networks they connect to. Client developers and event organizers keep working to make these environments safer for those who use them, but people can’t rely on that alone.