Why the global video game market is a bellwether for other businesses
The video game market has come a long way since then Pong became a new hobby for many casual players around the world. Video game console unveilings and game title releases such as Duty calls are now cultural events with global online gaming populations, professional eSports teams and subscription plans. While COVID-19 caused a surge in gaming, the gaming industry has shown no signs of slowing down anytime soon.
While key players such as Activision, Microsoft, Nintendo and Sony have remained constant in the gaming market over the years, there are seemingly new entries in the video game market every year that explode in popularity, including PC gaming and mobile gaming on tablets and tablets. smartphones. The lucrative sums of money spent in the global video game market have given rise to an increase in cybercrime. A study of 10,000 gamers worldwide found that 33% of respondents have been hacked in the past two years. As a result of these hacks, 46% of players reported losing items or currency.
Gamers losing their hard-earned digital assets aside, cyber attacks continue in-game economies damage the user experience and the principle of fair play and can also lead to a loss of income for organizations and game developers, among others.
Arkose Labs sought to uncover the true nature of the threats facing gamers, and the video game market as a whole, in its quarterly report. The report, Threats from the gaming industry are increasing: scam farms and bot attacks among leading dangers shows that these cyberattacks not only point to a growing problem within the global video game market, but can also serve as a key predictor of what’s to come in other industries.
Why the gaming market and players are being targeted by fraudsters
The gaming market itself is ripe for exploitation by financially motivated bad actors and cybercriminals. Attackers target gaming companies because they are lucrative – small amounts of money but huge volume. According to a survey carried out earlier this year the average player spends about $76 per month on in-game merchandise platforms, adding up to $58,000 over a lifetime. It is estimated that in 2022 there will be more than 3 billion players exists worldwide, presenting a large attack surface connected to the Internet.
Additionally, internet gaming sites are often used by a younger community whose online credentials are less likely to have been part of a data breach from other major sites. Cybercriminals seek to take control of high-value gaming accounts in order to obtain items that they can resell in the real world, for real dollars. When an online account is hijacked, the entire balance is transferred to an attacker-owned account and the attacker withdraws money. There are markets in these game worlds where consumers (and attackers) can convert the game currency into cash.
The holidays in particular provide increased opportunities for fraudsters and cybercriminals who want to target student gamers who spend more time at home on the internet and playing multiplayer games. New game titles or consoles are often released into the video game market during this time as well.
Understand three common cybersecurity threats facing the video game market
Cybercriminals and fraudsters seek to maximize profits with minimal investment and usually look for the path of least resistance when it comes to their attacks. All this helps them to realize a greater return on investment, often this is activated by malicious bots. Arkose Labs’ quarterly report analyzed 8 billion online sessions from the world’s largest gaming companies across the US, UK, Australia and Singapore between November 2021 and October 2022 and found the following types of traffic:
- Basic robots
- Intelligent robots
- Fraud farms
- Legitimate traffic
Basic bots, intelligent bots and scam farms enable fraudsters to strike with credential intrusions, account takeovers, man-in-the-middle (MITM) phishing attacks and fake new account registrations.
Basic bots were the most used attack type followed by intelligent bots and scam farms. Basic bots give attackers a highly scalable option with the volume they need to make financial gains. Additionally, bots provide a lower barrier to entry for use since they can be purchased from online marketplaces ready for malicious purposes, including stealing and recording login credentials, browser fingerprints, and cookies.
For additional information and data points related to these attacks, read Arkose Labs’ Q4 2022 report Threats from the gaming industry are increasing: scam farms and bot attacks among leading dangers Today.
Want to understand cyber security threats facing your industry? Look at the gaming market
Many industries work in security silos. But Brett Johnson, Arkose Labs’ Chief Criminal Officer, says banks, retailers and other businesses should look to the attacks in the gaming space to predict what’s coming. Now we see that criminals are considering where they can use automated attacks (bot-based attacks) in other verticals.
“Pay attention to the gaming industry. It is the playground, the testing ground for most automated types of attacks. Because the dollar amounts are not very high on returns, criminals are looking for automated ways to commit the kind of fraud that manual people do in other verticals. Once the automated ways are proven effective in that test area, they will start deploying them in other verticals.”
While video games and the gaming industry also grab the headlines, it will be imperative for them to rethink their security strategies as more traditional businesses enter the metaverse, even those not involved in online gaming. The fraudsters of the future will operate within the metaverse, targeting tech-savvy consumers using increasingly sophisticated tactics. Attack types will also change. Synthetic account attacks – which may typically involve a fraud attempt using a mix of real stolen PII data and fabricated data – are more common in the metaverse.
Why Arkose Labs makes attacks harder and more expensive for fraudsters
Arkose Labs focuses on making attacks more difficult and expensive for fraudsters and cybercriminals alike, dismantling their financial incentive by challenging them to remove enforcement tests at scale. To complete the attack, fraudsters must spend more time and invest in additional resources and machine learning.
We protect global video game companies from evolving attacks; block automated activity aimed at monetizing stolen data; and ensure the in-game experience from match-fixing. Arkose Lab’s unique detection and delineation platform analyzes data from user sessions to determine the context, behavior and past reputation of each request. We classify traffic based on the risk profile and present suspicious traffic with enforcement challenges to differentiate between genuine users and fraudsters.
This is how we give companies like you the advantage:
- Account takeovers:We keep customers safe by eliminating major attacks on user accounts.
- User-centric authentication: We make challenges easy for good users by creating game-inspired CAPTCHAs
- Simple implementation: We achieve immediate results by working to deploy quickly.
Want to learn more about threats facing the video game industry and how it might apply to your business? Read Arkose Labs’ Q4 2022 Report: Game Industry Threats Rise: Scam Farms and Bot Attacks Among Leading Dangers.
For more information on how Arkose Labs can help your organization overcome malicious bot activity, including credential testing, credential stuffing, and account enumeration attacks, order a demo with us today.
*** This is a Security Bloggers Network syndicated blog from Arkose Labs written by Steve James. Read the original post at: