According to BeyondTrust, nearly two-thirds (64%) of business polled worldwide admit they have been hit by a breach linked to abuse of user credentials in the past year, with 62% blaming compromised credentials belonging to third parties. This is validated by the fact that the Yahoo and Target breaches a few years ago are still affecting unrelated sites. Outside of these game-specific risks, the bottom line is non-gaming breaches on totally unrelated sites can also impact a video game site, because we are all guilty of using the same password for multiple different sites. As a result, it’s easy to hack into most video game forums, and as most people reuse passwords across multiple sites, credentials for video game sites are used not only in attacks to penetrate the gaming accounts but in attacks on numerous other industries. As it’s typically a passion rather than a paid profession, it’s not uncommon for these updates to fall through the cracks. Despite the efforts of the hosting companies rolling out security updates and features, it’s ultimately up to the forum administrators to update patches and maintain security on the forum. The forums are a place to learn more about the game and to get tips and tricks, but many of them are free, and the owners tend to run these forums in their spare time. Gaming forums are another easy opportunity for hackers. Join gaming leaders live this October 25-26 in San Francisco to examine the next big opportunities within the gaming industry.Ĭredential stuffing isn’t the only security vulnerability that gamers need to be cognizant of. This has created a perfect storm in the video game industry upon which hackers are all too eager to capitalize. The second issue is that from a consumer perspective, gaming is seen as having a low financial risk and, as a result, gamers tend to use less secure passwords. Adding to these challenges is the fact that game developers are pressured to deliver more products at a faster pace, meaning there are more bugs and security issues for cybercriminals to exploit. 1, most video game companies use low-friction authentication measures because increasing friction drives customer attrition and results in a loss of revenue. The reason that gaming is subject to so many breaches is twofold No. From there, they can either takeover the account or they can sell the data to other bad actors for use at a later date. When the bots successfully access an account, it’s logged. Cybercriminals use a bot with a list of exposed credentials against a website to gain access to an account on that site. When a data breach happens, user credentials are exposed and can subsequently be found on the internet and the dark web. Google identified that 59% of online users reuse passwords. The rise and success of credential stuffing attacks is a result of people continuing to reuse the same passwords across multiple accounts. Those are attacks where other sites with passwords have been hacked, and those names and passwords can then be attempted. This deters cybercriminals who look for the easiest and fastest way to breach systems: credential stuffing attacks. Industries that have significant financial risk, like banking or ecommerce, store passwords in robust hashing algorithms that make them difficult to crack. Emuparadise, the retro gaming site, is the latest gaming community to admit having suffered a credential stuffing attack. Hackers have targeted 12 billion credential stuffing attacks against game websites within a 17-month period.
New data from Akamai, an internet delivery and cloud services company, has exposed that the video game industry remains a growing threat vector for security breaches. Interested in learning what's next for the gaming industry? Join gaming executives to discuss emerging parts of the industry this October at GamesBeat Summit Next.
0 kommentar(er)
