Cybersecurity For Online Console & PC Gaming

The Gaming industry is worth over 120 Billion globally and will be worth over 200 Billion by 2023. Most gaming providers are now cloud providers that provide an application online that we subscribe to or buy and keep using frequently. We use games as a form of entertainment, to pass the time and also to socialise and collaborate. There are many other uses, but this article will focus on the cybersecurity aspects of this industry.

It is common knowledge that you need to protect your account when playing games as the account that you use to log in is the account that is used to save the data for the game that you play. In many cases, the games that you play have many hours of gameplay, and this also can equate to a monetary value that has some worth. Account farming and mining is a well-known practice where others play the game on your behalf in vast manual farms or automated mining systems to level up the user and get them the coin and gold needed to advance in the game. Some users, when playing the games, gain artefacts that can take 100s of hours to gain, thus pushing the value of these artefacts up.

In practice, in-game artefacts have real-world value, and along with these artefacts, you end up with street cred or a reputation amongst the clans and groups that you play with. This reputation can take years to build. In short, gaming is like a hobby that you invest in, and your digital media, skins, gold, coin and credit, along with the reputation, is like a second life in digital format. It is common to link these accounts to social media and then to use the social media avatar to wander around lobbies and games to interact with others and play the game under that profile. 

You can quickly draw the conclusion that in many cases, the gaming industry is as advanced as the corporate environments we all work in, but one question stands, is it safe and is cybersecurity taken seriously?

Cybersecurity risks gamers should be aware of

When surveying the top 50 games in 2020-2021 it was found that only 24% of the games in the sample had any reasonable level of cybersecurity applied; in many cases, all you needed to play was any social media account or any username and password. It was apparent that anyone could play, and anyone could easily reach out to anyone else, and there was no form of identification or validation.

There are hundreds of thousands of users whose accounts have been hacked and their valuable artefacts used in a ransom type of attack or their items sold to the highest bidder both on the clear web and on the dark web on markets that specialise in this type of sale.

Millions are being made, and, in 2021 alone, over 100 million USD have been traded in stolen artefacts and the number is growing. This could have been stopped by the gamers using multi-factor authentication (MFA) and in many cases, the vendors supply MFA but are just not turned on for the gamer. 

Microsoft is leading the charge as the solution is to enable multi-factor authentication (MFA) and then to check the user, but they are moving quite slowly as they don’t want to annoy their userbase. Thus Microsoft has been working on passwordless authentication along with companies like GetIDEE, who is removing passwords from the equation. They are now deploying innovative solutions that authenticate users in a multi-layered app that checks that the user is ‘real’ and let them in dynamically if it’s sure they are authentic.

The challenge then will be that the accounts have such high value that the hackers attack the gamers whilst they are playing by hijacking them whilst in the game, similar to hijacking a car when it’s being driven because they can’t steal the keys or break-in. So gamer hijacking is going to become a ‘thing’ as MFA gets rolled out.

Online gaming cybersecurity solutions

Now you probably wonder what’s the solution? Well, what man can make, man can break, so we can only do our best. Soon passwords will disappear, and then conscious automation of the gamer is done using gamer gameplay dynamics which detects how the user is playing the game to identify them so that hackers can’t steal their account and credentials.

ENHALO is already working on this with several world-class gaming vendors to develop dynamic systems to detect the gamer and only allow that individual to play. As a new gamer sharing the account is detected, we send the first gamer a request to approve the new gamer to be merged into the profile or to create a new profile. 

Today, gamers are losing their shirts to hackers and hours of gaming and digital goods are being stolen, translating to a loss of real money as digital is the new gold. So defending against these attacks and defending your identity is key to preserve all those precious hours and digital gold. 

Gerhard Conradie Co-Founder and Global Head of Solutions Architecture at Enhalo
Gerhard Conradie

Gerhard, Co-Founder and Global Head of Solutions Architecture, sees quality staff as the most important asset to any business, and believes that giving them the space to grow as much as they are willing and able to, motivates them to grow Enhalo as well.

Supply Chain Threat Detection

Cyber criminals have upped their game, so should you. We never underestimate or ignore your supply chain's security threats.

Security Operations Center

Financial losses, intellectual property theft, and reputational damage due to security breaches can be prevented.

SOC Assurance Service

Despite a mature Security Operations Center, you're still under threat. Our SOC Assurance mitigates the risk of unnoticed breaches.

Emergency Cyber Response

Regain immediate control, contain the damage, and eradicate the threat. Your bullet-proof, SOS rapid response.

Agentless Network Segmentation

Rely less on vulnerability management and rest assured that the threat won’t spread across your network.

Cyber Risk Assessment

Understand how vulnerable you are. We identify your threat sources and calculate your risks – likelihood and impact.

Endpoint Detection and Response

This solution is for customers that do not have extensive security budgets or staffing to implement and monitor an endpoint security solution.

Irregular Behavior Detection

Companies focus heavily on malicious outsider mitigation, while the biggest threat lies with those who already have access.

Penetration Testing Services

A penetration test is arguably the most important part of any cybersecurity journey, it tests an organization’s ‘final line of defense’ against attackers.

Security Awareness Training & Testing

With cybersecurity awareness training, the risk of human error can be reduced, turning human error into a human firewall.

Insights

360 Security
Must Know Cyber
Security Services

Resources

WEBINARS
MEDIA
SON OF A BREACH
CASE STUDIES
USE CASES

Cyber Security Services

Supply Chain Thread Detection
Security Operations Center
SOC Assurance Service
Emergency Cyber Response
Agentless Network Segmentation
Cyber Risk Assessment

Supporting Cyber Security Services

Endpoint Detection and Response
Irregular Behavior Detection
Penetration Testing
Security Awareness Training and Testing

Related Posts

Cyberattack Emergency

Are you experiencing an active cyberattack?

Get rapid response.

Call ENHALO’s International SOS no:
For Other Inquiries: