Though cybercriminals have been targeting the gaming community since 2010, eSports players, gaming companies, sponsors and viewers will be more at risk over the coming years from data theft, ransomware, DDoS, hardware hacks and cybercrime-as-a-service, Trend Micro research reveals.
The eSports industry has grown rapidly in popularity over recent years and is projected to reach $1.7B in revenue by 2021. It has also evolved to include a professional sporting league, with stadiums selling out to host competitions and top players earning millions. This growth is attractive for financially motivated criminals.
“If there’s one thing we know about malicious actors, it’s that they follow the money. Trend Micro has already observed nation state groups taking advantage of security gaps to target the gaming industry for financial gain, and we expect the same in eSports,” said Jon Clay, director of global threat communications for Trend Micro.
“As eSports becomes a billion-dollar industry, it’s inevitable that attackers will look to capitalise over the coming years. We predict the sector will experience the same kind of attacks as the gaming industry, but on a much larger scale, with financially motivated actors getting involved for monetary and geopolitical reasons.”
The research predicts cybercriminals will ramp up their efforts to make money from ransomware aimed at sponsors and players, DDoS-for-hire services, breaches of personal information (PII), services to illegally boost gaming scores, and stolen gaming accounts.
Weak password and authentication security, which is already enabling widespread account takeover, will continue to play a role in making these attacks possible.
The impacts from breaches, ransomware, DDoS and other attacks on gaming companies and sponsors can be severe, leading to damaged brand reputation and revenue loss.
The servers used by companies to host valuable gaming assets are a prime target for exploitation by hackers – as of July 25, 2019 there were 219,981 exposed gaming assets easily discoverable via a Shodan search.
“When something gets enormous – huge – there will be always individuals/groups who will want to abuse it. The gaming and esports enterprises are the same. The market estimation of eSports will be over $1.7 billion by 2021.
“With millions of dollars available it is bound to pull in cybercriminals or digital hoodlums whose main game is abusing vulnerabilities with the goal of illicit financial gain” said Bharat Mistry, principal security strategist at Trend Micro.
To protect these valuable assets, the eSports industry should leverage a multi-layered defense system to protect servers and virtually patch known vulnerabilities.