The COVID 19 pandemic sweeping the globe has seen gaming reach new heights of popularity as people around the world seek out socially distanced forms of entertainment. This surge has only encouraged potential cyber attackers, with credit card details and sensitive personal data the primary targets. 

The prevalence of online gaming with its massive global player base makes such companies prime targets for hackers and mischief-makers. Japanese video game giant Capcom has become the latest in a string of gaming-related cyberattacks, with apparent breaches of email and file servers.  

The Capcom breach

The cyberattack on Capcom which occurred in the early hours of November 2nd is still under investigation, so hearsay and rumors abound. But according to sources, the email and file servers were affected, without a breach of customer data, often a far more serious outcome. Capcom is confident not only of the data remaining secure but also that online gaming connections have not been affected. But sources also point to the fact that once the breach was detected internal networks were cut, which likely points to efforts to prevent the spread of ransomware. 

At the time of writing an internal investigation was still taking place, in cooperation with a police operation.  It has been speculated – but not confirmed by Capcom – that the hackers were ransomware operators leveraging the Ragnar Locker ransomware variant. Since details are sketchy at present, it’s impossible to confirm whether the attack was designed to deploy ransomware or to access customer data, or both. 

Capcom has issued statements apologizing for the situation, as well as to reassure customers that their data is still secure. ”At present, there is no indication that any customer information was breached. This incident has not affected connections for playing the company’s games online or access to its various websites” the brief statement said. 

Gaming under threat

Capcom is by no means the first gaming company to be targeted by cyber attackers. The nature of the global gaming industry makes it appealing to hackers – first of all, it has seen massive growth in 2020 – 54% in April alone – and the possibility of cybercrime grows exponentially. But gamers themselves are also susceptible – in the search for pirated games, they are more likely to access links and torrents which contain viruses, malware, spyware, and more. 

Online gambling

One area that has been resilient to cyberattacks is online gambling like for example casino websites – although they may seem an obvious choice for hackers. With millions of transactions taking place every day, online casinos have specific and highly developed security measures to protect both the finances and confidential data of their user bases. On top of that there are the multitudes of affiliate websites, which help users by recommending the best anonymous payment methods and different types of VPN – especially common in countries with heavily restricted gambling laws such as those in the Middle East. These factors have the inadvertent effect of keeping financial details in this industry more secure. But casinos and betting sites aren’t 100% immune to attacks – in March this year SBTech fell victim to a ransomware attack, and professional Chinese hackers have revealed their successful infiltration of numerous Asian gambling sites over the last few years. 

Ubisoft and Crytek

Another major incident just last month involved Ubisoft and Crytek – both of them targeted by the same attackers. The Egregor ransomware gang successfully breached both companies, posting sensitive confidential data on their dark web portal. For Ubisoft the damage didn’t appear to be too severe, with 20Mb of data put on display. Crytek, however, were severely compromised, alongside customer data were numerous documents relating to game development, with information about the development process of such titles as Arena of Fate and Warface. 

Animal Jam

Yet another breach this month involved online children’s playground Animal Jam, with data from 46 million user accounts compromised. This includes many email addresses, 32 million usernames with encrypted passwords, names, and billing addresses. It also includes many details such as genders, birthdays, and parent accounts. In response to this massive breach, Animal Jam has advised all users to immediately change their passwords, and to report any unusual transactions, although it is thought that most highly sensitive details remain encrypted. The company is investigating and reviewing its overall security protocol in response to the breach. 

The popularity of online gaming has given rise to increased cybercrime across the industry. With giants such as Capcom appearing vulnerable, it seems that companies across the board need to tighten their regulations and keep their security systems updated, and one step ahead of the hackers.