Gaming sites hit with billions of cyberattacks

Zero-day attack
Image credit: Shutterstock (Image credit: Shutterstock.com)

Cybercriminals have set their sights on the gaming industry and a new report has revealed that 12bn credential stuffing attacks were carried out against gaming websites over the course of 17 months leading up to March 2019.

Akamai's 2019 State of the Internet / Security Web Attacks and Gaming Abuse Report highlights how the online gaming community is one of the fastest rising targets for credential stuffing attacks as well as one of the most lucrative targets for attackers.

During the same time period in which gaming websites saw heightened attacks, Akamai observed a total of 55bn credential stuffing attacks across all industries.

The firm's report also revealed that SQL Injection (SQLi) attacks now represent 65.1 percent of all web application attacks with Local File Inclusion (LFI) attacks accounting for 24.7 percent. Akamai's data shows that SQLi attacks have continued to grow in popularity among cybercriminals after experiencing a spike in activity during 2018's holiday shopping season and the attacks have continued at an elevated rate since that time.

SQLi and credential stuffing attacks

SQLI and credential stuffing attacks almost share a direct link as the majority of the credential stuffing lists on the dark web and on various internet forums use data that originated from some of the world's largest data breaches, many of which have SQLi as a root cause.

Security researcher at Akamai and editorial director of its latest report Martin McKeay explained why the gaming industry has become such a valuable target for cybercriminals, saying:

“One reason that we believe the gaming industry is an attractive target for hackers is because criminals can easily exchange in-game items for profit. Furthermore, gamers are a niche demographic known for spending money, so their financial status is also a tempting target. While gaming companies continue to innovate and improve their defenses, these organizations must also continue to help educate their consumers on how to protect and defend themselves. Many gamers are young, and if they are taught best practices to safeguard their accounts, they will incorporate those best practices for the rest of their lives.” 

Akamai's report also found that the US is the top source country for credential stuffing attacks while Russia and Canada take the top two spots targeting the gaming sector.

Via Venture Beat

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.