However, the most significant impact of a breach is on customer trust. Gamers often spend a lot of time and money to build their online identity, making it a valuable asset that must be protected. Even if a game does not pay out real money, virtual assets in multi-player online games can often be sold for hard cash. Heavy users and high rollers increasingly expect gaming companies to protect their identities and therefore their assets. A breach of this trust can cause irreparable damage to customer loyalty. The answer to a secure and trustworthy system lies in a strong cybersecurity approach.
Protecting the turf with Cybersecurity controls
Recent checks have discovered several vulnerabilities in large gaming platforms that leave user data vulnerable. According to the ThreatMetrix Gaming and Gambling Cybercrime Report, approximately 5% of new accounts created on online gaming sites are connected to a fraudsteriv. And hackers are coming up with new strategies! In a creative hack of a popular game, young players were being taught to hack others’ accounts to collect rare and valuable skinsv – a breach that has led to a class-action lawsuit against the gaming companyvi.
In a world where cybercriminals are getting bolder (think a billion data records released on the dark web by a hackervii), it’s imperative that gaming companies invest in and make use of the right security controls. The industry should adopt cybersecurity in the entire lifecycle of game development and deployment along with the platforms on which these are used. High-level guidelines to achieve better security assurance:
- Enable multi factor authentication to protect against identity theft
- Comply with PCI DSS and institute safe online payments to protect financial information
- Ensure confidentiality of databases to protect sensitive information from being disclosed to unauthorized parties
- Put a stop to back date frauds
- Ensure protection against DoS and DDoS attacks that disrupt gamer experience by breaking connectivity
- Ensure that security is embedded in the entire lifecycle of game development, release campaigns, marketing etc.
- Protect against in-game phishing that usually happens via the messaging feature within the games
Wipro has been working with several gaming clients to build and strengthen cybersecurity. With our vast experience in various verticals that have higher risk potential and our best-in-class security offerings, we can partner to provide higher cybersecurity assurance to gaming companies. Our Cybersecurity and Risk Services (CRS) practice helps customers define their cybersecurity strategy and needs, incorporating best-recommended practices across the people, process, and technology platforms.
A safe space
At the end of the day, people indulge in gaming for entertainment. If it becomes a threat to their financial and reputational well-being, they will shy away from it and seek other safer modes of entertainment. To prevent such a scenario, the gaming industry needs to bake cybersecurity into the software, hardware, and networks, with stronger authentications and other security controls to make it tougher for attackers to take over. Finally, a large number of gamers are young players with limited understanding of security practices. It’s a moral responsibility of the industry to provide them with a trusted community to play in.
What is your experience with security in the gaming industry? How do you see industry players adopting cybersecurity practices?