Video Game Industry Faced Highest Growth in Cyberattacks during Pandemic

Rhea-AI Summary

Akamai Technologies (NASDAQ: AKAM) reported a significant increase in cyberattacks targeting the video game industry during the COVID-19 pandemic. Their State of the Internet / Security report revealed over 240 million web application attacks in 2020, a 340% increase from 2019. Credential stuffing attacks reached nearly 11 billion, up 224% from the previous year. SQL injection was the most common attack vector, making up 59% of incidents. The report highlights ongoing security challenges, stressing the importance of robust password management and multi-factor authentication for gamers.

Positive

• Released impactful research highlighting a critical security issue in the gaming industry.
• The report positions Akamai as a thought leader in cybersecurity, potentially attracting new clients seeking enhanced security.

Negative

• The dramatic rise in attacks indicates vulnerabilities in the gaming industry, which may affect Akamai's reputation if clients feel insecure.
• A significant increase in credential stuffing attacks may lead to reduced user trust in digital gaming environments.

CAMBRIDGE, Mass., June 23, 2021 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the world's most trusted solution for protecting and delivering digital experiences, today released research showing that cyberattack traffic targeting the video game industry grew more than any other industry during the COVID-19 pandemic. According to Akamai's new State of the Internet / Security report, Gaming in a Pandemic, the video game industry suffered more than 240 million web application attacks in 2020, a 340% increase over 2019.

Mobile games incorporating in-app purchases are also subject to a consistent barrage of attacks, according to the Akamai report. Criminals are seeking any opportunity to exploit players who spend real money on virtual, in-game items like skins, character enhancements and additional levels. The report highlights a recent example in which bad actors used a phishing kit to steal player email addresses, passwords, login details, and geolocation information that they subsequently sold on criminal markets.

"Criminals are relentless, and we have the data to show it," said Steve Ragan, Akamai security researcher and author of the State of the Internet / Security report. "We're observing a remarkable persistence in video game industry defenses being tested on a daily - and often hourly - basis by criminals probing for vulnerabilities through which to breach servers and expose information. We're also seeing numerous group chats forming on popular social networks that are dedicated to sharing attack techniques and best practices."

SQL injection (SQLi), which targets player login credentials and personal information, was the top web application attack vector in 2020, representing 59% of all attacks Akamai observed against the gaming industry. That was followed by local file inclusion (LFI) attacks at 24%, which target sensitive details within applications and services that can further compromise game servers and accounts. Cross-site scripting (XSS) and remote file inclusion (RFI) attacks accounted for 8% and 7% of observed attacks, respectively.

The video game industry suffered nearly 11 billion credential stuffing attacks in 2020, marking a 224% increase over the previous year. The attacks were steady and large, taking place at a rate of millions per day, with two days seeing spikes of more than 100 million. Second only to phishing in popularity of account takeover attacks, credential stuffing attacks were so common in 2020 that bulk lists of stolen usernames and passwords were available for as little as $5 on illicit websites.

"Recycling and using simple passwords make credential stuffing such a constant problem and effective tool for criminals," Ragan said. "A successful attack against one account can compromise any other account where the same username and password combination is being used. Using tools like password managers and opting into multi-factor authentication wherever possible can help eliminate recycling and make it far more difficult for bad actors to execute successful attacks."

Read the Akamai 2021 State of the Internet / Security report: Gaming in a Pandemic, on our State of the Internet page. 

For additional information, the security community can access, engage with, and learn from Akamai's threat researchers and the insight that the Akamai Intelligent Edge Platform affords into the evolving threat landscape by visiting Akamai's Threat Research Hub.

About Akamai
Akamai secures and delivers digital experiences for the world's largest companies. Akamai's intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps and experiences closer to users than anyone — and attacks and threats far away. Akamai's portfolio of edge security, web and mobile performance, enterprise access and video delivery solutions is supported by unmatched customer service, analytics and 24/7/365 monitoring. To learn why the world's top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global contact information at www.akamai.com/locations.

Contact:
Chris Nicholson 
Akamai Media Relations 
+1 617-444-2987 
cnichols@akamai.com

Tom Barth 
Akamai Investor Relations 
+1 617-274-7130 
tbarth@akamai.com

View original content to download multimedia:http://www.prnewswire.com/news-releases/video-game-industry-faced-highest-growth-in-cyberattacks-during-pandemic-301317795.html

SOURCE Akamai Technologies, Inc.

FAQ

What percentage of web application attacks in the gaming industry were SQL injections?

SQL injections accounted for 59% of all web application attacks in the gaming industry in 2020.

How many web application attacks did the gaming industry experience in 2020?

The gaming industry experienced over 240 million web application attacks in 2020.

What was the increase in credential stuffing attacks in the gaming industry in 2020?

Credential stuffing attacks in the gaming industry increased by 224% in 2020.

How did the volume of cyberattacks on the gaming industry change during the pandemic?

Cyberattack traffic targeting the gaming industry grew by 340% during the COVID-19 pandemic compared to 2019.