This post is based on the findings within Akamai’s latest State of the Internet report, Volume 8, Issue 2, “Gaming Respawned,” that was published in August 2022.

In this eye-opening report from Akamai, it becomes evident that as online gaming revenue continues to surge post-pandemic, so do the threats that target the industry. The latest research from Statistica (outside of this report) supports the growing gaming trend indicating that the 2.7B gamers in 2023 will steadily increase to 3.1B in 2027. As we discuss this report, we will go into more detail on how gaming revenue streams attract cybercrime then cover the latest trends and the types of threats facing the gaming industry.

The “gold rush” of gaming revenue - hackers & more

Photo by Sergey Pesterev on Unsplash

Online gaming has become big business, and where there's money, there are always opportunistic cybercriminals. The first section report about “Follow the money,” highlights how the rapid growth of the industry has made it an attractive target for those looking to profit from their illicit activities. Beyond the game costs, players spend money on upgrades from characters to tools. Statistica research outside of the report indicated that gaming revenue would reach $172B this year and that $81B was in-app purchases.

Many of these in-game purchases are microtransactions that are small purchases that quickly add up. The Akamai report cited how the online microtransaction market is expected to grow to $106.02B in 2026 at a 11.9% CAGR, according to the Business Research Company. Of course cybercriminals are interested in following these money streams from hacking into user accounts to stealing source code and engineering future cheating options as listed in the report.

Governments are increasingly alarmed by the illicit use of gaming platforms for money laundering. The report explains how criminals exploit the fungible nature of in-game virtual currencies, using illegally obtained funds to buy in-game assets and then selling their accounts at a discount to clean their money, as outlined by ACAMS, a leading organization for anti-financial crime experts.

These gaming microtransactions attract criminals because these many small transactions do not not trigger scrutiny from the IRS or US Treasury which has approximately a 10K threshold. The report further explains how regulators worldwide, including the Financial Action Task Force (FATF), are closely monitoring virtual worlds alongside online gambling and cryptocurrency trading.

Catching the next wave of vulnerabilities

Photo by Jeremy Bishop on Unsplash

The “Trends in the gaming threat landscape” section describes how gaming remains on the rise despite the pandemic easing last year, making it an increasingly attractive target for cybercriminals. Additionally, the expansion of gaming to new streaming models and devices has expanded the attack surface, leading to a surge in web application and API attacks on gaming companies.

Will cybercriminals find opportunity in cloud gaming expansion?

The report indicates that as gaming companies increasingly adopt cloud-based gaming infrastructure, it offers an affordable alternative for consumers by eliminating the need for expensive consoles or PCs. The cloud gaming market is rapidly expanding, with analysts projecting it to reach nearly $21.54 billion by 2030 per Allied Market Research as referenced in the Akamai report. Gamers are driven by the appeal of accessing a wide range of titles for a single monthly fee and the adoption of "pass" systems that provide access to multiple titles without hardware constraints.

Cybercriminals flying away with their own version of “treasure”

Photo by Daniel Tuttle on Unsplash

The “Gaming your systems: Bad actors have been busy since the pandemic shutdowns” section focuses on the various threats faced by the gaming industry. These range from web application attacks that compromise user data to DDoS attacks that disrupt gameplay and even include the rising menace of ransomware.

Akamai's analysis of web application and API attacks has identified three prominent patterns:

  • Long-running attack campaigns: These are sustained and frequent attacks that organizations experience regularly.

  • Short-burst attack campaigns: These involve sudden and intense spikes in attack volumes, often exceeding 10 to 30 times the yearly average, and tend to occur over a few days without warning.

  • One-time attack campaigns: These are massive surges in attack activity, surpassing normal levels by more than 30 times.

Web application and API attacks

Web application attacks have become a significant security concern across industries, accounting for over half of all data breaches. In the gaming industry, web application and API attacks have surged 167% from mid-2021-2022, with over 800 million attacks tracked during the same period per Akamai's findings. These attacks pose a major threat as cybercriminals exploit vulnerabilities to access user accounts, game data, and source code, enabling them to engineer cheats and manipulate in-game economies for real-money scenarios.

Notably, Local File Inclusion (LFI) attacks have surged to become the most prevalent web attack vector against gaming companies. LFI accounted for 38% of the top three web application attacks, followed by SQL injection (SQLi) at 34%, and Cross-Site Scripting (XSS) at 24%. The rise in SQLi and LFI attacks suggests increased organized criminal activity, with criminals often sharing hacking tutorials utilizing SQLi for credential stuffing.

Per the report, LFI attacks aim to exploit server scripts to access player and game data, potentially enabling cheating and network breaches for gaming companies. Mobile and web-based games are prime targets for SQLi and LFI attacks, granting criminals access to usernames, passwords, and game-related information stored on servers.

More sophisticated DDoS attacks

DDoS attacks are a well-known threat in the gaming industry, with attackers using bot armies or automated methods to overwhelm servers, disrupting gameplay and business operations. Gaming accounted for 37% of DDoS traffic across all industries in mid-2021-2022, per the report. Moreover, DDoS attacks have become larger and more sophisticated, posing a significant threat to the gaming sector, as they can lead to service disruptions and even give certain players an unfair advantage, making it crucial for game companies to address this threat.

Stopping ransomware

While the Akamai report doesn't provide specific data on ransomware attacks in the gaming industry, ransomware remains a significant threat across various sectors. New and sophisticated ransomware models, including double extortion attacks, are a growing concern. In the report Akamai advises game companies to implement preventive measures such as robust backup strategies, user education on phishing, and the use of microsegmentation to contain malware and protect sensitive data from being publicly exposed.

Learn more today!

The report indicated that key trends in the gaming industry include its continued growth, a surge in cyberattacks, and a doubling of web application attacks, driven by LFI, SQLi, and XSS vectors.

DDoS and ransomware threats persist, while the expansion of cloud gaming and other lucrative aspects like microtransactions attract cybercriminals. Criminals recognize the value in gaming and will continue to exploit virtual assets and the flow of virtual funds.

To find out more, you can read the full report. Be sure to also check out the Akamai and Macrometa gaming webinar replay, “Using Operational Data to Delight Gamers.”

Macrometa offers AI-powered PhotonIQ Fingerprint designed to identify anomalies and threatening behavior in real time and can identify and isolate bad bots in honeypots to prevent cybercrime. PhotonIQ Virtual Waiting Rooms help you manage high surges in traffic and thwart DDoS attacks or bad actors from ruining the game. If you are interested in working with Macrometa to ensure safe and seamless gaming experiences, request a demo today!

*First photo is by Wesley Tingley and Unsplash.