Cyber crooks take aim at their next big target: eSports tournaments and players

Researchers at Trend Micro detail the ways in which the multi-billion dollar competitive online gaming industry could be vulnerable to malicious campaigns including DDoS attacks, malware and extortion.

This is how cyberattacks threaten the multi-billion dollar eSports industry ZDNet's Danny Palmer explains competitive video gaming is big business - so now it's attracting the attention of cyber criminals and hackers. Read more: https://zd.net/34vuY92

Cyber threats including malware, distributed denial of service (DDoS) attacks and extortion all threaten the esports industry, as criminals increasingly look to target what has turned into a multi-billion dollar industry.

Competitive online gaming has generated professional teams that play for prize pots worth millions of dollars, with esports tournaments selling out stadiums and being watched live by large audiences around the world.

However, this growth – and the money associated with it – means that esports is becoming a prime target for hackers and cybercrime, warns a new report from Trend Micro.

"We predict that cybercriminals will increasingly target the esports industry over the next three years. Many cybercriminal underground forums already have sections dedicated to gaming or esports sales. The market for stolen gaming accounts and hacks are flooded, much like the market for stolen credit card accounts," the report said.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

"When something gets enormous – huge – there will always be individuals and groups who will want to abuse it. The gaming and esports enterprises are the same," said Bharat Mistry, principal security strategist at Trend Micro.

"With millions of dollars available it is bound to pull in cybercriminals or digital hoodlums whose main game is abusing vulnerabilities with the goal of illicit financial gain"

DDoS attacks are the simplest malicious campaigns that could impact esports tournaments, with the potential for traffic being directed at servers where online matches are hosted. Not only could slowing online connections cause disruption in games where milliseconds can determine outcomes, there's also the potential for entire tournaments being taken offline.

Researchers also warn that attackers could blackmail tournament organisers, demanding payment in exchange for not launching a DDoS attack – something which organisers might consider given how events are broadcast live and the reputational damage that will occur to the host organiser if the event gets taken offline.

Another attack vector that hackers could take advantage of is vulnerable game servers: researchers scanned esports-related servers using Shodan and found 219,981 were accessible.

While online game servers are internet-facing by their very nature, the way that they're accessible via Shodan makes it simple for cyber criminals to locate the servers and potentially identify unpatched vulnerabilities.

Unpatched servers could provide cyber criminals with access that they could use to conduct sabotage, inject scripts or even use to steal login credentials, which could potentially be used as a gateway to gain access to game company servers, or even the accounts of high-level professional players.

SEE: This old trojan malware is back with a new trick to help it hide in plain sight

Researchers also warn that it's possible that famous gamers could also be targeted in the same way via the use of spear-phishing attacks.

The good news is that video game companies and tournament organisers are mostly aware of the threats esports faces from cyber criminals. But that doesn't mean the industry can rest on its laurels because as the sector becomes bigger and more lucrative, attackers will put in extra effort into attempting to compromise it.

For now, researchers recommend that in order to stay protected against cyber attacks, companies in the eSports industry apply patches to secure systems against known vulnerabilities and employ layered defences to help protect servers.

MORE ON CYBER SECURITY