Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity News

The pressures the online gaming community faces when it comes to cybersecurity

By Maria Henriquez
gaming
October 28, 2020

Online games and specifically the Massive Multi-Player (MMO) games, experience multiple attacks from hackers, platform competition that try to block players’ access to the gaming platforms, as well as cheating players that can attack other players slowing their connection, while gaining a competitive advantage. These attacks can take the entire game offline, resulting in hundreds of thousands of dollars lost, according to Radware’s threat research team.

SuperData's report of online games shows Fortnite, the top online game, is grossing $318 million per month. "If Fortnite was to suffer a cyberattack and it resulted in an outage, it could lose +$400,000 per hour (if you break it down using the following math: $318,000,000/ 30.5 (days a month)/ 24 (hours a day))," says Eden Amitai, Cyber Security Evangelist at Radware.

Other games may lose less, but it's still affecting profit margins, Amitai expains: "For instance, online games that bring in $150 million per month could experience $200,000 direct loss of revenue, or a less popular game that has a revenue of 75 million per month may lose $100,000." 

Adding fuel to the fire is the fact that the online gaming world has exploded during the pandemic as a record number have turned to it for escapism, entertainment, and social interaction. Estimated to surpass $200 billion by 2023, gaming is now considered to be one of the fastest-growing industries on the planet. 

“We are living in the golden age of online gaming. PlayStation5, Xbox X, new powerful GPUs, AX routers and other recent dedicated developments for gamers show us how much the tech-world focuses on providing the best, most flawless gaming experience. Online gaming has seen tremendous growth over the past years, and during the pandemic a record number have turned to it for escapism, entertainment and social interaction. However, it is also in high gear for hackers and cybercriminals who look to wreak havoc," says Amitai.

Amitai says Radware has observed a significant increase of thousands of web and DDoS attacks on gaming customers since the onset of the pandemic.

"Many gaming companies trying to serve their growing customer base ran too fast getting up their new architectures and networks, leaving them vulnerable to various attack vectors. The attack surface exacerbated when online gaming companies began to rapidly migrate to the public cloud," Amitai explains. Radware’s most recent C-suite report showed 76% of the respondents said that the pandemic accelerated their cloud migration plans, which leads to a major liability question and the need for a deep security understanding of the shared responsibility mechanism.

Alec Alvarado, Threat Intelligence Team Lead at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, explains that a significant pressure facing the online gaming industry regarding cybersecurity is protecting its customers' data.

"This goal is increasingly difficult to accomplish as the online gaming industry has the task of safeguarding an attack surface that is continually expanding. The inherent requirement to be connected by online gaming consumers makes them attractive targets. Digital Shadows has seen multiple instances of mass phishing targeting consumers in this space. Obtaining credentials to online gaming accounts provide a wealth of information (i.e., payment card details, personally identifiable information) and digital gaming currencies (i.e., Fortnite's Vbucks). This information can be resold easily in the criminal market and is easily monetized."

There is also pressure to ensure a fair gaming experience, Alvarado notes. "This scenario is interesting as it is a unique issue that impacts online gaming organizations. Online gamers who don't see their gaming experience as fair aren't going to play, and losing players is exceptionally damaging for organizations in this space," he says. "Ensuring an adequate gaming experience is challenging to accomplish, as there are so many  ways that players are attempting to tilt the odds in their favor."

Ransomware operators have also seen some success in targeting organizations in this space, placing more pressure on gaming organizations, Alvarado says. "The development of  games spans years of work and considerable resources. Suppose there is valuable information to someone; it can be used for extortion in a ransomware attack. For example, the video game company Crytek was just named on the data leak site belonging to the Egregor ransomware variant's operators. Threatening gaming companies with the exposure of information related to  games in development would be a strong negotiating tactic and would likely result in payment."

Hacking into games to steal in-game currency is another threat the online gaming communities face. This has been an issue for decades, and the rise of mobile gaming has only exacerbated it, explains Hank Schless, Senior Manager, Security Solutions at Lookout, a San Francisco, Calif.-based provider of mobile phishing solutions.

 "Games built for smartphones and tablets are more lightweight than their counterparts on PCs and consoles, which means that security could be overlooked in the development process," Schless adds. "Account takeover (ATO) is a common goal for threat actors. They often achieve this by sending targeted mobile phishing links to steal their login credentials. What happens a lot is that threat actors will send a phishing link through the in-game messaging system, directing the player to a fake login page. Usually, the actor will pose as a member of the game’s support team to convince the target to go to that fake page. This is just another iteration of mobile phishing. Malicious links can be sent to you through any app now, not just in emails."

Malicious actors also build alternate versions of games and distribute them on third-party app stores that don’t have the same security requirements as the Google Play Store or iOS App Store, Schless notes. "These alternative apps are often trojanized, meaning they function like the legitimate version but have malicious code injected in them. These malware can gain access to anything that’s on your phone or tablet," he says. "Since we use mobile devices for both work and personal reasons, these malware are a threat to your organization as well. With information extracted from your mobile device, a threat actor could gain access to your organization’s infrastructure and carry out a larger attack."

"Without mobile security on employee devices, organizations have no way of detecting and blocking malicious apps that could introduce malware into the infrastructure," Schless notes. "True security professionals understand that discovering weaknesses or vulnerabilities in a mobile app of any type should be used for continuous improvement of app security. White hat hacking a mobile app as a security professional can go two ways:

  • You’re testing the app’s security for your organization or the game developer to better improve its security.
    • This is a legitimate way to help ensure the app is safe and free of exploitable vulnerabilities or hidden malware. 
  • You reverse engineer the app with ethical tactics, but for selfish reasons, such as making a profit.
    • This goes against security best practices, violates the Terms & Conditions of mobile apps, and is illegal.
    • Security professionals should know better than anyone that operating outside those best practices can put their entire organization at risk of an avoidable incident. 

Alleviating overall cyber pressures is certainly no small feat, says Alvarado, but should be important to organizations in this industry. To help mitigate these pressures, he says security teams in charge of ensuring a smooth and secure online gaming experience:

  • Need to have a strong understanding of their assets. Ghost assets that are not properly managed can be an easy attack vector for threat actors.
  • Can incentivize their users to report instances of cheating or vulnerabilities through dedicated bug bounty programs.
  • Should have a strong understanding of threats to their organization and the broader industry. Knowing what threat actors are active in the space, knowing what information they target, and how they target their victims is an excellent way to prioritize defense resources.
  • Enforce and abide by cybersecurity basics - as should be the baseline for all organizations.

"As this is a multi-billion industry, we should expect gaming companies to follow the strict cyber resilience we see in other multi-billion industries. No gaming company wants to damage its brand name among its community, and no user wants to have a frustrating leg experience," says Amitai. "Hackers and botters that attack the gaming industry are on the rise, and we, the security people, must do our job to keep our online game, online.”

KEYWORDS: cyber security gaming security ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • It’s the Exemptions that Count When It Comes to Vehicle Theft

    See More
  • Blame It on the Media When It Comes to Pandemic Fears

    See More
  • stadium_enews

    When It Comes to Event Security, Colleges Can Look to the Pros

    See More

Related Products

See More Products
  • The-Complete-Guide-to-Physi.gif

    The Complete Guide to Physical Security

  • facility manager.jpg

    The Facility Manager's Guide to Safety and Security

  • 9780367030407.jpg

    National Security, Personal Privacy and the Law

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!