Strong security measures could help protect gaming industry from cyber crimes
The gaming industry has been one that has adapted and changed so much over the last few decades, going from selling physical media to now relying on online servers for pre-ordering and purchasing games, bonus purchases, subscriptions and online gameplay itself. While the industry has made the bold moves to utilize the internet, this has also opened it up to various security vulnerabilities that anyone else who has done business online has encountered. As has been reported before, the gaming industry has especially been open to targeting, and there seems to be an epidemic.
DDoS attacks, or Distributed Denial of Service attacks, have often been used in order to target online gaming publishers and developers. A DDoS attack is a high-scale attack, mostly utilizing botnets to flood a server with several unique IPs, which not only makes it harder to stop but also makes it harder to distinguish legitimate traffic. One comparison you could make is that a DDoS attack could be similar to a large number of people crowding or blocking a retail store’s entry, which does not allow actual customers through, effectively limiting or blocking trade.
But while several of these terms would seem to require a high level of intelligence in the cybersecurity space, many attacks have come from average people; in some cases, angry gamers, hiring botnets to attack a particular service. In the past, it has been suspected that an angry group of gamers has been behind attacks on Minecraft servers and the PlayStation Network. Beyond that, Valve’s Steam servers have often been a target of attacks.
These attacks often leave game publishers and developers searching for answers, as they not only lose revenue but also are left trying to patch up their reputation. Aside from revenue lost to sales, it also takes time and resources trying to fix the issues and safeguard further releases. But publishers and developers also have several security resources at their disposal to try to be proactive against cyber attacks.
Aside from working to prevent data breaches through server-side services, there are also cloud services like utilizing a web application firewall. A web application firewall or WAF, is different from a regular firewall in that it filters the content of web applications and filters, monitors and can block traffic, preventing attacks like SQL injections, cross-site scripting and other security risks identified by the Open Web Application Security Project. A WAF can be deployed on-premises and within cloud services like Microsoft’s Azure or Amazon Web Services in order to protect application exploits.
The gaming industry will likely continue to be a target, especially with larger and more successful publishers with large fanbases that are likely to voice their displeasure with any outages. To this day, game developers are still the most frequent targets, especially to DDoS attacks, but utilizing the latest cybersecurity technology like WAFs and continuous monitoring of network traffic seem to be the best tools in each respective company’s toolbags to protect themselves.