We’re living in troubling times, folks. Cyber-criminals are getting smarter, and the methods we’ve got to combat them simply aren’t evolving quickly enough to keep up. The ever-increasing instance and severity of breaches we’ve been seeing of late should be evidence enough of that. Everything from Facebook to Google to Washington State itself has been victimized. What’s worse, as we become more and more reliant on the Internet and the cloud; as we store more and more of our data online, the payoffs for a successful breach become larger and larger.
The games industry isn’t immune to this trend, either.
Gaming Community Sees More and More Security Breeches
Gaming’s seen its fair share of break-ins. Steam was hacked. Battle.net was compromised. The PlayStation Network was breached (everybody remembers that one, right?). Now, over the course of one month, we’ve seen no less than four developer websites hit, and all with a similar methodology. First on the chopping block was the Japanese Club Nintendo site, which was breached back at the beginning of July. We’ve still no word as to whether or not the personal details the hacker acquired have been misused.
Next up was Bohemia Interactive’s website, which had a database containing the personal information of its users downloaded. Again, as with the Club Nintendo breach, no financial data was stolen. Not even a week after the Bohemia Interactive breach, Konami came forward to say that it too was hit with an attack, and cautioned its users to change their passwords. Finally, at the beginning of this month, Crytek took down its websites after noticing some ‘suspicious activity.’
It seems too convenient to be a coincidence, yet we still have no idea what the hacker (or hackers, as it were) are actually after in this case. We also don’t know whether or not they’re going to strike again. For my part, I believe that there’s a good chance they will. They’re likely going to keep going until they get caught…or at least until developers wise up to their methods.
So…are we in full-blown crisis mode? Should we start panicking?
Probably not. For most organizations, this is hardly anything new. Cyber-security has been a pressing, constant concern in virtually every industry for over a decade now. In the case of gaming, it was mostly reserved for online games. Even then, one could argue that crime was markedly less common than in other markets, owing to gaming’s status as a fringe culture. Few criminals targeted games because, to be frank, there were better and more lucrative targets elsewhere.
Unfortunately, that may not be the case any longer. Gaming has grown up. It’s gone main-stream. There’s actually a profit to be made in cracking developer websites, stealing account information and characters, and targeting development studios. In short, we can’t really hide behind our obscurity any longer. Game developers need to realize the potential risks of running things online, and step up security accordingly.
As for all the rest of us, the best thing we can do is make sure we’ve a secure password protecting our details. From that point onward, it’s in the hands of the publishers and developers. All we can really do is hope they care enough to do more than sell use a $5 authenticator.