Esports & cybercriminals
Yakup Borekcioglu
Vice President and Managing Director: Elevating Revenue Streams and Cultivating High-Impact Teams for Market Domination.
Electronic sports (esports) is positioned to be a billion-dollar industry in 2019 because of growing ad revenues, sponsorships, media rights, and viewership. Events that previously catered to a niche market are now considered mainstream entertainment, with major esports tournaments held in full-sized stadiums and fans coming in from all over the world. The total prize money for esports competitions reached $150.8 million in 2018 — a significant increase from the $112.1 million prize pool in 2017. In 2019, The International 9, the largest Dota 2 tournament of the year, awarded more than $30 million in prizes, taking the record for awarding the largest prize pool for a single esports event.
Those kind of large cash prizes can motivate unscrupulous players to look for an unfair advantage over other players, which in turn creates a market for game cheats in the underground. These competitions also bring out underground entities looking to take advantage of esports for political, financial, or ideological reasons.
According to our predictions, cybercriminals will increasingly target the esports industry over the next three years. Many cybercriminal underground forums already have sections dedicated to gaming or esports sales. The market for stolen gaming accounts and hacks are flooded, much like the market for stolen credit card accounts.
Welcome to esports world:
The world of esports includes game developers, sponsors, viewers, and players. The most active competitors are from the US which is almost triple the number of players in the country coming in second, South Korea according to a report by Statista. On the other hand, the number of esports viewers is higher in Asia. A 2019 report by Statista shows that 57% of frequent viewers and enthusiasts resided in the Asia Pacific region. This leads us to believe these two regions will be the most targeted in the future.
In addition, esports appears to be growing rapidly in the Middle East, with the United Arab Emirates (UAE) constructing the region’s first dedicated esports venue: the Dubai X-Stadium. The rise of esports in the MENA region is due to high internet and smartphone penetration rates. The video game industry in the Middle East is estimated to be worth more than $1 billion annually, and is expected to increase to $4.4 billion by 2022.
The Russian government officially recognized esports in 2016 as a sporting discipline; 38% of the online Russian population watch gaming video content. Russia’s gaming market reportedly reached 1.8 billion in 2018, with 65.2 million players. In 2018, Japan had 67.6 million gamers, with the majority playing on mobile platforms.
Control your back: You can be shot by a robot
A quick search for hacks on cybercriminal underground forums reveals hundreds of aimbots and wall-hacks - essentially cheat tools prohibited in official competitions for sale. Aimbots are a type of software used in multiplayer first-person shooter games to provide varying levels of automated targeting that gives the user an advantage over other players. Wallhacks allow the player to change the properties of in-game walls by making them transparent or nonsolid, making it easier to locate or attack enemies. Prices for such tools start at US$5, but we found an aimbot being sold for $1,500.
Pay-for-play: Your rival is not your rival
“Boosting” is expected to become more popular in cybercriminal underground forums. Boosting involves a player allowing another player to log into his or her account and play to increase their levels or leaderboard standings. In February 2019, twelve Overwatch players in China were banned for boosting. The twelve players have also been banned from all future Blizzard-endorsed tournaments — the first ever such ban given. Players can also use other techniques like stream snipping to gain an advantage. This is when a player sees the screen of another player using someone else’s Twitch stream, which allows one to see other players’ locations and current moves.
Hardwares are secret weapons
Hardware used in competitions can be manipulated as well. For each tournament, a gaming board sets the rules on what equipment they allow tournament participants to use. A lot of professional tournaments allow players to bring their own mouse and keyboard, which have been known to house hacks. Nearly a year ago, a Dota 2 team was disqualified from a $15 million tournament after judges caught one of its members using a programmable mouse. The mouse allowed the player to perform movements that would be impossible without macros.
DDoS services will be used to fix matches
There is a clear risk of disruption when we consider DDoS and esports events. DDoS attacks cause serious lag issues in a competition where every second matters — they can be used to influence and even fix matches. This can affect revenue, tournament schedules, sponsors’ reputations, legal online betting, and even get a team disqualified. We can also assume that cybercriminals will continue to demand a ransom in similar extortion activities.
In general, DDoS attacks can result in serious downtime; according to a DDoS attack report from IDG,36% of companies that experience more than five DDoS attacks suffer seven to 12 hours of downtime.
For a gaming platform, even a few minutes of downtime is a serious issue
Targets are not just the players also the sponsors
Cybercriminals are increasingly deploying targeted ransomware, aiming for a higher success rate of payments from victims. The sponsors of esports events should be very careful here as it could expose their brands to certain risks. If a hacktivist or financially-motivated group started looking for targets, sponsors will likely be first in their sights — attackers might assume a known brand’s pockets are deeper than the players’ or the game organizers’.
Undoubtedly, ransomware has plagued gamers and businesses for years. TeslaCrypt ransomware variants that infected gamers’ computers and searched for file extensions related to various popular game titles (such as Call of Duty, Diablo, League of Legends, Minecraft and Resident Evil) and locked the games’ saved data, player profiles, DLCs, and game mods stored in the victim’s computer. Victims of the ransomware were instructed to pay US$500 in bitcoin within one week; the ransom doubles to $1,000 after the deadline. As saved games and gaming profiles represent hundreds of hours of gameplay, victims could feel inclined to pay the ransom.
Also cybercriminals expected to compromise famous Twitch and YouTubers gamers’ social media accounts. Cybercriminals will look for accounts that have several million followers and will use targeted phishing attacks and malware to take over these accounts. These famous and popular social media accounts not only have a wide reach and capillarity, but also represent their brands and sponsors.
25% of stuffing attacks target gaming industry
Data breaches are a threat to esports as cybercriminals look for other targets to harvest personally identifiable information (PII). According to recent findings by Akamai, the tech industry has experienced nearly 55 billion credential stuffing attacks globally, and out of these, 12 billion attacks were directed towards the gaming industry.
In 2016, the eSports Entertainment Association was hacked. The hacker leaked the data of 1.5 million players after the attacker’s demand of US$100,000 was denied. Hackers can also steal players’ in-game tokens and weapons, which can be worth a lot of money in the underground market. In August 2019, a scam used a fake “free game” giveaway site to steal the account information of Steam users. It used a fake login page, and even a fake popup that helped it bypass two-factor authentication. The hackers then accessed the account’s friend list and sent them phishing messages to gain more victims.
Summary:
There’s no doubt that cybercriminals will heavily target the esports industry starting this year. Most importantly, through analysis of the esports market and the technology behind it, we strongly believe that it will face the same types of cyberattacks that the gaming community is already facing — but on a larger scale. Also, with esports predicted to join the Olympics in the future, new challenges lie ahead.
These threats should also concern the parties and organizations with ties to the esports industry. They have to be careful as such exposure may lead to financially or politically motivated attacks. Both brand reputation and company earnings are at risk here.
Finally, the players have to pay more attention to their online security and demand more security from the platforms that store or access their profiles, since any compromise could put money and credibility at risk.