How the Gaming Landscape Has Changed

Authors: Steven Burns , Gus Fritschie , Melissa Aarskaug

The Gaming Landscape Has Changed – And So Have Security Risks

In today’s IT landscape, consumer behavior and the adoption of a hybrid workplace model have greatly changed the way gaming conducts business. Cyberattacks on the gaming sector were up 167% in 2022 (Info Security Magazine) and cybercrime has become a global profit center.

Global cybercrime costs are expected to reach $10.5 trillion USD annually by 2025 (Cost of a Data Breach Report, 2022, IBM Security). This, combined with the fact that many gaming organizations may not have salient cybersecurity plans or strategic roadmaps in place, means more gaps and vulnerabilities in gaming security exist.

A Peek Inside the Cybercrime Economy

Gone are the days of cybercrime being committed only by skilled hackers. They are savvy businesspeople who have successfully built a cybercrime gig economy by selling the tools needed to launch a cyberattack to anyone interested in doing so.

Expert hackers make it easy by offering the tools as a Software as a service (SaaS)-style subscription service, delivered on a cloud-based platform. SaaS are any services that are connected to the cloud over the internet, such as Outlook, Salesforce, Dropbox, etc.

Additionally, cybercriminals make it affordable for even a hobbyist to perform a cyberattack by purchasing a phishing kit for as low as $6/day. A bad actor can get everything he needs to attack your gaming organization for as little as $20, thanks to the cybercrime gig economy. Wondering what other tools can they buy?

The Gaming Industry is Not Immune to Cyberthreats

Cyberattack motivations vary, but money—a lot of money—is involved in every situation. The gaming industry is a prime target for cybercriminals to infiltrate vulnerable networks.

Ultimately, gaming organizations offer customers a safe way to hold and transfer money pending the outcome of a bet. Customers trust that they are providing their personal information—and often payment details—via a secure method to the gaming host when participating in gaming at a casino or online. They aren’t betting on handing their info over to a cybercriminal to sell online. When that happens, the trust between the gaming organization and the customer is broken, and the odds are 100% in favor of the cybercriminals.

The gaming industry has innovated, and now more and more consumers can place bets from their mobile devices at home, on the go, and even during work hours. The increase in online sportsbook betting means a growing number of users are providing a significant amount of personal data online when they place bets. Cybercriminals are very aware of this, and that is why there have been multiple large-scale breaches just last year.

• Data from 68,000 DraftKings customers was compromised during a credential-stuffing attack in 2022, enabling the hackers to steal hundreds of thousands of dollars from the victims.
• BetMGM also suffered a data breach that year, with 1.57 million customer records being sold on a cybercrime forum. This just added insult to injury to MGM Resorts and Casinos—in 2020, the data of 142 million hotel guests was stolen and continues to be sold off within the dark web to be used in spear phishing and ransomware attacks
• Gateway Casinos in Canada was hit with a ransomware attack in mid-2023 and was forced to close about 14 properties in Ontario, costing approximately millions of dollars in lost gaming revenue. The shutdown was the result of a severe security breach against the company’s information technology (IT) infrastructure, according to Casino.org.

How Much Would You Pay For Your Data?

The hottest item on the cybercrime market is your data. If it was held for ransom, how much would you pay?

According to IBM’s latest data breach report, the average cost of a ransomware breach was $4.54 million in 2022, which does not include the actual cost of the ransom itself.

For gaming organizations, that may not seem like much, but the longterm impacts that go along with a data breach like that can amount to much more. Loyal customers that had their data stolen are left with uncertainty. The lost resources and time spent to involving authorities, cybersecurity experts, and cyber insurance experts will never be recovered. Damage to a brand could take years to repair with the costly help of public relations experts.

Just like a regular economy, the cybercrime gig economy is a constant cycle of buying and selling. Ransomware attacks enable cybercriminals to make money while gaining data to sell on the dark web for more money. That data is purchased to infiltrate new networks to repeat the cycle.

When You Take the Risk, Cybercriminals Reap the Rewards

Cybercrime is growing, but your gaming organization has a solid IT team with strict security protocols in place. That may be the case today, but what about tomorrow? What does your IT roadmap look like? Is your team continuously and proactively learning about new security vulnerabilities and cyberthreat trends? With such a rapidly changing security landscape—especially in the gaming industry—experts can be outsourced to take the pressure off.

Even recruiting, hiring, training, and retaining cybersecurity IT talent these days is proving to be so costly and difficult that it’s making less and less sense to insource. Risking the time and effort it takes to recruit and train while gaps form in your security posture, leaves the door open for cybercriminals.

More and more gaming organizations are relying on third-party security experts to help them with security roadmap planning, third-party penetration testing, security auditing, advanced threat hunting and monitoring, and more.

This helps alleviate the growing list of responsibilities on internal IT teams so they can continue to keep things running smoothly in-house. This enables gaming organizations to sleep at night while third-party security experts are working 24/7 to understand new threat vectors and develop new ways to mitigate sophisticated attacks.

NEXT STEPS

A Guide for How Gaming Organizations Can Tackle IT and Security Hurdles

Today’s digital landscape has changed how the gaming industry operates, introducing new platforms, devices, and even business models. With the rise of online gaming and the exponential popularity of smartphones, gaming organizations need to adapt, pivoting with consumer behaviors. But this technological shift has also opened the door to more cybercrime than ever.

Many key players in the industry aren’t fully aware of how cyber threats have grown, both in severity and frequency. They may have IT staff in place to respond to threats, but no way of knowing if their defenses are really able to handle new challenges.

Learn how to strengthen your defenses against modern cyber criminals with this eBook.

Get Your Copy: https://bit.ly/3WZKCWn