Lessons from Recent Network Security Exploits in Online Gaming

January 29, 2018 Arctic Wolf Networks

Online video gaming has now been around for decades. The original Nintendo Famicom—redesigned outside Japan as the Nintendo Entertainment System—had limited online functionality, and many game consoles in the 1990s were compatible with third-party networking peripherals.

However, it wasn’t until the late 2000s that networked games really took off with the spread of broadband, cloud computing and more powerful CPUs/GPUs. And in 2017 the Entertainment Software Association found that the most frequent gamers spent more time playing multiplayer games online than locally.

The cloudification of games has significantly impacted cybersecurity. Many games are no longer standalone discs or cartridges, but constantly connected software applications with regular updates, patches and scheduled periods of server maintenance—meaning potential attack vectors are everywhere. Moreover, the popularity of major online games has made their infrastructures magnets for distributed denial-of-service (DDoS) attacks.

Space Invaders: How a Critical Flaw Exposed Countless Gaming PCs to Hijacking

In January 2018, researchers at Google Project Zero revealed an exploit affecting every currently supported release from a prominent game publisher. The vulnerability was contained in an update agent that applied upgrades and patches to games with millions of worldwide users.

It permitted commands to install, uninstall and change settings on the devices (mostly specialty PCs) used for playing these games. Given the pace and routineness of updates today—many games actually require patches on release day to even be played for the first time—it’s possible that many users got more than they bargained for, in the form of malware used to enlist their high-end hardware into botnets.

The flaw’s solution has created additional issues. Instead of whitelisting specific domains, the new authentication system is built on a blacklist that must constantly update to ensure comprehensive protection from cyberattacks. Such porous security is nothing new in online gaming. The US Computer Emergency Readiness Team (aka US-CERT) documented weaknesses in massive online multiplayer games a decade ago, warning of the spyware, Trojans and other infections more recently verified as real threats.
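The allowlist-versus-blocklist distinction above, as an added example that is not from the original article or the publisher's code. The host names and the idea that the agent checks an Origin-style value on each request are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed host names: the article names no domains.
ALLOWED_HOSTS = {"launcher.publisher.example"}   # the only origins the agent should trust
BLOCKED_HOSTS = {"known-bad.example"}            # hosts someone has already reported

def origin_host(origin):
    """Normalize an Origin-style value to a bare lowercase host, or None if unusable."""
    try:
        parts = urlsplit(origin.strip())
    except ValueError:          # e.g. malformed bracketed IPv6 literal
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.rstrip(".").lower()   # drop the trailing root dot

def blocklist_permits(origin):
    """Default-allow: anything not yet listed gets through."""
    host = origin_host(origin)
    return host is not None and host not in BLOCKED_HOSTS

def allowlist_permits(origin):
    """Default-deny: only exact matches on known hosts get through."""
    return origin_host(origin) in ALLOWED_HOSTS

# Constructed sample requests.
SAMPLES = [
    "https://launcher.publisher.example",
    "https://Launcher.Publisher.Example./",
    "http://known-bad.example",
    "http://never-seen-before.example",
    "https://launcher.publisher.example.lookalike.example",
    "null",
]

def compare(origins=SAMPLES):
    """Return (origin, blocklist decision, allowlist decision) for each request."""
    return [(o, blocklist_permits(o), allowlist_permits(o)) for o in origins]

def blocklist_gaps(origins=SAMPLES):
    """Origins the blocklist admits but the allowlist refuses."""
    return [o for o, blocked_ok, allowed_ok in compare(origins) if blocked_ok and not allowed_ok]

if __name__ == "__main__":
    for row in compare():
        print(row)
    print("admitted only by the blocklist:", blocklist_gaps())
```

The two origins returned by `blocklist_gaps()` are the ones a blocklist only stops after someone has added them, which is why it must be updated constantly.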

Online gaming is a common target of cyberattacks.

Why Online Gaming Security Affects Everyone

While video games are enormously popular, the scope of the security issues affecting them can seem limited compared to other security challenges, such as poorly secured Wi-Fi or unpatched CPU vulnerabilities. However, there are good reasons not to ignore the risks on the gaming front:

1. Some gaming devices have powerful technical specs…

Late in 2017, some gamers began noticing a commercial shortage of graphics cards, leading to markups of 100 percent and more on the secondary market. In addition to being essential components of gaming rigs and consoles, GPUs are also crucial infrastructure for cryptocurrency mining, with much more computing brawn than a standard PC. A speculative bubble in cryptocurrencies such as Bitcoin drove up demand for powerful hardware.

Gaming machines’ high processing power makes them particularly dangerous as potential botnet members. If hijacked via an online updater or even through more conventional means such as a phishing email, these PCs add significant resources to botnets used for executing DDoS attacks, spamming emails and distributing malware, while at the same time mining digital currencies.

2. …while others are just general-purpose (read: vulnerable) computers

Most gaming now takes place on smartphones and tablets, where free-to-play games are abundant and consistently among the highest-grossing applications. Unlike the dedicated portable consoles of the past, modern mobile gaming devices are deeply networked and accordingly exposed to all the usual risks of infection. Carnegie Mellon University (CMU) students were able to successfully attack a supermajority of the 100 most popular mobile games a few years ago, clearly demonstrating the risk.

For example, a poorly secured game could endanger a bank account linked to a smartphone or tablet, or enable surveillance in the workplace. The CMU researchers were able to manipulate purchase amounts in many of the games they tested; other games have pioneered techniques such as the use of device microphone access to scan for ambient clues for purposes of targeted advertising.

Learning from the Security Struggles of the Video Game Industry

The enormous attention and vast sums of money channeled into video gaming have long made it a prime target for cyberattacks, from furtive malware downloads to high-profile DDoS campaigns. Enterprises as a whole can learn from the game industry’s trials and tribulations in keeping their systems sufficiently secure, namely by entrusting this process to a managed service provider-maintained security operations center (SOC).

Known as SOC-as-a-service, it simplifies the setup, operation and maintenance of network security devices and services. Rather than pay a significant sum upfront and be responsible for all ongoing patches and incident responses, you instead get the peace of mind from having expert security engineers overseeing these tasks 24/7/365. Plus, all key infrastructure is securely hosted and routinely updated offsite.

The AWN CyberSOC offers the rare combination of cost-effectiveness and technical superiority over the alternatives, such as setting up your own SOC or enduring the complexity of a co-managed security information and event management (SIEM) solution. CyberSOC includes a cloud-based SIEM and expert management, all covered by straightforward subscription pricing. Learn more by reading our brief on incident response.
