On 12 February Nexon US Holding wholly-owned subsidiary Big Huge Games informed players that it has been the victim of a customised attack, which impacted company data. An investigation into the issue is going on, and at this time there is no evidence indicating that personal information of players – including credit card data – has been compromised. Most Personally Identifiable Information of players is managed by third-party vendors, or is stored off-premise.
The Big Huge Games Information Security team has notified authorities and is working to determine the extent of the attack. There is no evidence suggesting that the data of Nexon US Holding, its parent companies, or affiliates, have been impacted by this incident.
The digital realm has been swarming with cyberattacks ,and is becoming more and more sophisticated as it is evolving every day. The more we are becoming dependent on worldwide web the more we are tossing our lives into uncertainty. During Covid19 lockdown users swelled ‘significantly’ in online gaming platforms, games, community, and store. Everyone was opting gaming as the mode of entertainment more than ever. This triggered the attackers more to take advantage of the opportunity. Kaspersky, upon investigation, found many instances of cyber attackers exploiting this increased engagement in video games: in April there was a 54 per cent increase in the daily number of attempts to direct users to malicious sites from gaming platforms, or using gaming themes, when compared to January. Users are typically lured from their game by promises on the interface of free versions of games, updates or cheats. But if they click on the links, malicious programs like malware, ransomware and miners can be downloaded.
If we look back in history the inception of cyber attack happened from Morris worm in 1988. The first computer worms distributed via the Internet, also resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. It was written by a graduate student of Cornell University, Robert Tappan Morris, who launched the worm out of curiosity as he was “just trying to gauge how big the internet was.”
The U.S. Government Accountability Office put the cost of the Morris worm attack damage at $100,000–$10,000,000. Clifford Stoll, a systems administrator (known for discovering and subsequently tracking the hacker Markus Hess {who hacked into networks of military and industrial computers based in the United States, Europe and the East Asia, and sold the information to the Soviet KGB for US$54,000} three years earlier in 1986), helped fight the worm, writing in 1989 that: “I surveyed the network, and found that two thousand computers were infected within fifteen hours. These machines were dead in the water—useless until disinfected. And removing the virus often took two days”. Stoll commented that the worm showed the danger of monoculture, as “If all the systems on the Arpanet ran Berkeley Unix, the virus would have disabled all fifty thousand of them”.
Since then there have been several times government official accounts came under cyber attacks and so do gaming companies. Here are various attacks that happened in recent past:
Capcom
Japanese video game company Capcom has been in the news not long ago for all the wrong reasons.The company suffered a ransomware attack earlier in November 2020, apparently at the hands of the Ragnar Locker gang, and has been having a hard time with the criminals since.
Rumours have suggested that the crooks opened the bidding with eight digits’ worth of blackmail, demanding $11,000,000 in cryptocurrency in return for two things:
- A decryptor to recover files scrambled in the attack.
- A promise not to reveal corporate data stolen before the files were scrambled.
More precisely, if what we’ve seen is the actual ransom note from the Capcom attack, the crooks aren’t really promising anything. The wording is more menacing than that, warning in stilted English that: “If No Deal is made then all your data will be Published and/or Sold through an auction to third parties.” Ransomware crooks, of course, can never prove that they really do delete the stolen files of victims who pay up; they can’t prove that they didn’t sell them on already; and they certainly aren’t going to be able to reassure any victims that the files they stole haven’t already been stolen from them in turn. And in this case, the crooks aren’t even bothering to say they won’t keep the files if they receive the blackmail money. They’re just saying that they definitely will leak them if they don’t get paid. According to Capcom Information verified to have been compromised were sales reports, HR information, financial information and more.
Potentially compromised data
- Personal information (customers, business partners, etc.): maximum of approx. 350,000 items
Japan: Customer service video game support help desk information (approx.134,000 items)
Names, addresses, phone numbers, email addresses
North America: Capcom Store member information (approx. 14,000 items)
Names, birthdates, email addresses
North America: Esports operations website members (approx. 4,000 items)
Names, email addresses, gender information
List of shareholders (approx. 40,000 items)
Names, addresses, shareholder numbers, amount of shareholdings
Former employees’ (including family) information (approx. 28,000 people);
applicants’ information (approx. 125,000 people)
Names, birthdates, addresses, phone numbers, email addresses, photos, and more.
- Personal information (employees and related parties)
Human resources information (approx. 14,000 people)
iii. Confidential corporate information
Sales data, business partner information, sales documents, development documents
Nintendo
Nintendo in June 2020 announced a total of 300,000 accounts were recently hacked. Back in April, the company reported that 160,000 accounts were hacked after users’ Nintendo Network IDs were used without permission, but June mid week, the company stated that the actual number of accounts was almost double that. Not only were hackers able to use account owners’ money to buy virtual currency for Fortnite, but they were also able to see birthdays, home area and email address, as well as access other payment services linked to the Nintendo system. Nintendo customers were told to check their purchase histories for unauthorised transactions and request refunds.Affected users were contacted by Nintendo via email urging them to reset their passwords. They also told users to use two-factor authentication and to change their accounts from using the Nintendo Network ID to using their email instead.
Riot games
League of Legends developer Riot Games took legal action against “a handful of players” who hit the game with distributed denial of service (DDoS) attacks mid september 2012. Riot Games producer explained that the problems players were having — in-progress games were ending prematurely — were related to DDoS attacks and not hacking. The studio updated the game to try and prevent the attacks from killing games. While “players in a targeted game will still experience lag and possibly be disconnected,” said the producer, “the client should now be able to reconnect to the game automatically and resume where it left off.”According to the producer, Riot also addressed the attackers themselves. “We have taken steps to identify these attackers and remove them from our service permanently. Additionally we are pursuing legal avenues and working with the proper authorities. When someone’s intentionally ruining the experience of other players, we take it very seriously,” the developer wrote. On 14 June 2011, LulzSec took down four websites by request of fans as part of their “Titanic Take-down Tuesday including, League of Legends. They also attacked the login servers of the game, which also disabled the game’s front-facing website.
Ubisoft
Ubisoft in July 2013 sent out emails to U-Play account holders to inform them that one of the company’s websites had been hacked. Because of this, the hackers have gained access to some of Ubisoft’s online systems. While the company is working on restoring the integrity of its compromised systems and investigating the incident, it has urged users to change the passwords of their U-Play accounts as soon as possible.
“We recently discovered that one of our Web sites was exploited to gain unauthorised access to some of our online systems,” Ubisoft wrote in a statement.
“During this process, we learned that data had been illegally accessed from our account database, including user names, email addresses and encrypted passwords,” says the email. While passwords and usernames have been revealed, the company does point out that none of the users’ payment information, including debit/credit card information, has been exposed.
In November 2020 Ubisoft said that it is investigating media claims that the Egregor ransomware gang has published a 558 GB archive of the source code and resources of the video game Watch Dogs: Legion on file-sharing site networks.
The Egregor group claims that it obtained the source code of the newest game in the Watch Dogs series, following a security breach of Ubisoft’s internal servers. If it really is the source code of Watch Dogs: Legion then it may be that the Egregor gang released it after failing to extort any money from the video game developer.
Activision Blizzard
In 2020, Activision Blizzard game titles have just been simultaneously hit with a DDoS attack, and this might be a form of a cyber attack on the company. The servers for the two mentioned Call of Duty titles went down, and an in-game alert popped up, saying, “We are currently experiencing a DDoS attack, which may result in high latency and disconnections for some players. We are actively working to mitigate this issue.” Later on, it was found out that players in Overwatch and World of Warcraft also received the same in-game alert notification. The issue was then traced back to Blizzard’s Battle.net, which was experiencing the DDoS attack, with the mentioned games receiving the impact.
Earlier from February through September 2010, Blizzard’s World of Warcraft European server was targeted with several DDoS attacks by Calin Mateias, 38, from Romania. He was subsequently convicted for a year on 7 May, 2018.
Blizzard was also one of the many online gaming platforms targeted by Derp Trolling in 2014 and Lizard Squad on 13April 2016. They attacked Battle.net which resulted in the denial of players’ access to its popular titles like Starcraft 2, World of Warcraft, Diablo 3 and Hearthstone.
CD Projekt Red
In February 2021 an unidentified actor gained access to the internal network of CD Projekt Red and stole data, the gaming company confirmed on Twitter.The attackers left a ransom note threatening to release proprietary video game source code and other data sets to the public. CD Projekt Red said it has already begun restoring data and has secured its IT infrastructure. It added that its backups remain intact. “We will not give in to the demands nor negotiate with the actor,” a statement posted on Twitter reads. They further added “We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.” CD Projekt Red said that initial investigations revealed that no personal data belonging to players or customers was compromised in the attack.
From video games to online gaming, gaming platforms have a lot to offer. They range from browser and app-based games on Windows, macOS, Android, iOS, to various gaming consoles such as Xbox, PlayStation so on , and casinos. The industry has grown tremendously and there is serious money involved. Gaming has created such a craze that media giants such as Netflix consider Fortnite to be a bigger competitor than HBO! A valid concern with billions of people across demographics engaged in gaming globally. It is no surprise that such a lucrative industry has caught the eye of cyber criminals. Predictably, the gaming industry has been plagued by cyberattacks with hackers carrying out billion attacks year after year.
Unsurprisingly, the world’s best-selling video game, Minecraft, was the most popular target for cyber attackers, with more than 130,000 web attacks, according to Kaspersky. Other popular games which were attacked are Counter-Strike: Global Offensive and The Witcher 3.
Kaspersky has also reported a 40per cent increase in the number of blocked redirects to phishing pages that contained the word ‘Steam’ in April 2020 compared to February 2020. The only way to check on these is to be wary of using the same computers for both gaming and conducting business.