The ransomware hack used to pressure game developers explained
A recent ransomware attack targeting a video game publishing giant is the perfect opportunity to explain how such attacks work.
Ransomware is a type of cyber attack where the attackers steal valuable information and threaten to release it. After gaining access to the desired information, the information is usually exchanged for money. If the company refuses to pay, the hackers can release the information to business competitors, government agencies or the general public. This is a very serious crime that can result in large payouts for offenders if they get away with it, or even greater penalties if caught. But that threat doesn’t stop the targeting of video game companies.
Ransomware is usually a complicated process, so it is often carried out by a group of people. Once they have found their target, hackers can use a variety of techniques to gain access to a company’s digital information. These gangs can use phishing scams, insecure communication channels or even an internal agent to gain the necessary access. From there, they often both download all the stolen information while at the same time encrypting the copies of the information that the company owns. Then the hackers are the only ones who have access to the information in question.
Video game companies are a prime target for hackers because almost all developers are digital. By encrypting information, ransomware hackers can hold entire games hostage during development. Video games are also a lucrative business, so big developers and publishers have the money to pay big ransoms.
The ransom attack on Bandai Namco explained
To really understand how a ransomware attack affects a game company, the recent case with Bandai Namco is the perfect example.
Based on some verifiable information, it appears that the group targeting Bandai Namco goes by the names ALPHV and BlackCat. The group used special software to somehow gain access to Bandai Namco’s secure information. The group claimed access for a few days before Bandai Namco confirmed the attack on July 13, 2022.
The exact specifics of the leak are not yet known, as the video game publisher does not want more information to potentially leak out. If Bandai Namco is unable to come to an agreement with the hackers or successfully get law enforcement, there could be two major consequences.
The first is that all of Bandai Namco’s existing digital assets are destroyed with no way to easily restore them. This may affect the company’s current business badly, making it very difficult for Bandai Namco in the near future. Alternatively, ALPHV can release all company information to the public without destroying it. This is probably the less dramatic result, but will still be a huge disappointment and headache for Bandai Namco.
Since it can be difficult to find authentic information about ransomware attacks, companies affected by them tend to attract false leak rumors. This was also true of the Bandai Namco ransom attack, although we explained why the supposedly leaked Dragon Ball release timeline and Elden Ring DLC are almost certainly fakes.