Akamai: Web application attacks are up against gamers by 167%

Interested in learning what’s next for the gaming industry? Join gaming executives to discuss emerging parts of the industry this October at GamesBeat Summit Next. Register today.

It’s dangerous these days to be a careless gamer. The research from the folks over at Akamai all but confirms it. Attacks from cyber criminals against player accounts and gaming companies are on the rise. From May 2021 to April 2022, web application attacks are up a stunning 167%.

Web application attacks, to break it down, are the things you kind of think about when someone talks about getting hacked, like a phishing email. But they can get more complicated than that, like SQL injection attacks. Those are kind of like poking at a website database over and over to force it to respond.

The top three web application attacks this year are LFI attacks (38%), SQLi attacks (34%) and XSS attacks (24%). DDOS attacks rose by 5% this year as well. There were 821,648,208 web application attacks this year, just in the gaming industry.

The question is why is there such an increase? The answer? It’s money. It’s always about the money.

Cyber criminals use these kinds of attacks to breach game systems and accounts, which can grant them access to player credentials, passwords, account details and more. Gaining access to back-end databases can allow them to create cheats in games, then turn around and sell them. They can quietly manipulate in-game economies for their own ends, usually in the pursuit of real-world money.

It isn’t just quiet manipulation, either. Once hackers have a stash of player’s log-in credentials they can use those accounts as disposable advertisements. I’m sure we’ve all seen accounts selling gold in MMOs. It’s all part of the scam.

 The future looks like trouble

Akamai’s research suggests the industry’s push towards cloud gaming could cause problems in the future. Cloud services offer a larger field of attack; instead of a single game hackers could hit all the games on the service.

So what can gamers do? Well, honestly, it’s a lot of the same tips and tricks we’re using already. Don’t click on suspicious email links. Don’t visit unsecured websites. Enable two-factor authentication.

Specifically, app-based two factor authentication. It does nobody any good if you’re receiving email codes and your email is breached. Keep your fingers crossed that the games and services you use are protecting themselves.

GamesBeat’s creed when covering the game industry is «where passion meets business.» What does this mean? We want to tell you how the news matters to you — not just as a decision-maker at a game studio, but also as a fan of games. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about the industry and enjoy engaging with it. Learn more about membership.