Cybercriminals have set their sights on the gaming industry and a new report has revealed that 12bn credential stuffing attacks were carried out against gaming websites over the course of 17 months leading up to March 2019.
Akamai's 2019 State of the Internet / Security Web Attacks and Gaming Abuse Report (opens in new tab)highlights how the online gaming community is one of the fastest rising targets for credential stuffing attacks as well as one of the most lucrative targets for attackers.
During the same time period in which gaming websites saw heightened attacks, Akamai observed a total of 55bn credential stuffing attacks across all industries.
- EMEA businesses 'under constant cyberattack'
- London's top tourist attractions targeted by millions of cyberattacks
- Only half of businesses think they can defend themselves against cyberattacks
The firm's report also revealed that SQL Injection (SQLi) attacks now represent 65.1 percent of all web application attacks with Local File Inclusion (LFI) attacks accounting for 24.7 percent. Akamai's data shows that SQLi attacks have continued to grow in popularity among cybercriminals after experiencing a spike in activity during 2018's holiday shopping season and the attacks have continued at an elevated rate since that time.
SQLi and credential stuffing attacks
SQLI and credential stuffing attacks almost share a direct link as the majority of the credential stuffing lists on the dark web and on various internet forums use data that originated from some of the world's largest data breaches, many of which have SQLi as a root cause.
Security researcher at Akamai and editorial director of its latest report Martin McKeay explained why the gaming industry has become such a valuable target for cybercriminals, saying:
“One reason that we believe the gaming industry is an attractive target for hackers is because criminals can easily exchange in-game items for profit. Furthermore, gamers are a niche demographic known for spending money, so their financial status is also a tempting target. While gaming companies continue to innovate and improve their defenses, these organizations must also continue to help educate their consumers on how to protect and defend themselves. Many gamers are young, and if they are taught best practices to safeguard their accounts, they will incorporate those best practices for the rest of their lives.”
Akamai's report also found that the US is the top source country for credential stuffing attacks while Russia and Canada take the top two spots targeting the gaming sector.
- Also check out the best antivirus