Playing games has enticed mankind since the age of fire and brimstone. As society has and still achieving advancement in the technology spectrum, games have seen a stark shift from boards and fields to tech-driven games; online gaming, and it has become the next big thing. So much so, that it has its very own industry now.
Industry pundits suggest that the online gaming industry is expected to grow by US$122.05 billion in 2025. While Covid has been brought almost every business and industry in the world to its knees, the online gaming industry has shown an out-and-out and significant growth. However, there has always been an itch for the security concerns for online gaming.
To delve deep into the gaming industry, Indian gamers and the malware attacking the gamers, ELE Times Correspondent Mayank Vashisht had an insightful conversation with Mitesh Jain, Country Manager, Akamai Technologies, India. Excerpts:
ELE Times: The new generation is devouring online gaming. Over the last few years, millions of new gamers worldwide have joined the bandwagon, some just to kill time, others to learn how to make money in their locked-up hours. According to Akamai’s report- “In 2020, 246,064,297 web application attacks in the gaming industry, representing about 4% of the 6.3 billion attacks we tracked globally which clearly reflects that the authorities and established to provide a secure ecosystem is perhaps lacking”. What are your thoughts?
As social distancing and work from home continues, people in India are increasingly turning to online gaming for entertainment, and form socially distanced human connections. Based on a recent report, the global gaming market will hit $175 billion in 2021 and the mobile game revenues will account for 52% of that.
In addition, in the past 2 years, Akamai has found that during the pandemic:
- Web attacks targeting the gaming industry were up 340% year-on-year between 2019 and 2020
- Credential stuffing and Bot attacks were up 224%
- Although DDoS attack volumes dropped by 20%, the attacks were massive, disrupting communications and gameplay
For a while now, we have seen and recognized the growth of the gaming sector in India. The Indian gaming industry is the fastest growing in the world, with the number of gaming companies rising from 25 in 2010 to more than 300 today and we are seeing more and more companies emerging. India is a mobile-first economy and a lot of the growth in gaming is being driven by Tier 2, 3 and 4 cities and beyond, with mobile or app-based gaming taking center stage. This growth is particularly strong in fantasy and real money gaming, esports, and game streaming. Rising mobile internet penetration has also acted as a catalyst for the growth of app-based games in India – the nation tops the global charts in terms of number of game downloads in 2020. Akamai has observed massive amounts of traffic and spikes in gaming platforms globally with millions of users accessing these systems at once.
However, due to this growth, we are seeing cybercriminals increasingly targeting gamers and gaming companies. With the pandemic proving to be a catalyst, go-to-market timelines for game development in India has accelerated. This has led product teams to de-prioritise security in favour of speed. This is something that malicious actors have been able to exploit, leading to the rise in the number of cyber security attacks. It is critical that gaming businesses today realise that cybersecurity is not a ‘nice to have’ but an absolute necessity.
ELE Times: In India, a large number of people have already shifted from traditional board games towards the online gaming spectrum. Indian video game players spend an average of eight and a half hours each week playing, with over 60 per cent claiming to have played games for three consecutive hours or more which, consequently, involves huge data sharing. Now, this scenario begs a potent question on how much the Indian gamer is secured while playing online games?
During the COVID-19 lockdowns, everyone has looked for alternative ways to socialize, since cyber cafes, gaming houses, clubs and bars, and other social gathering points are closed. The availability of cross-platform gameplay, as well as gaming-friendly social platforms, has enabled a new platform for social interaction.
In this context, hackers have become a constant threat to online gamers as they look to exploit the tiniest loopholes and vulnerabilities. In 2020, Akamai tracked 246,064,297 web application attacks in the gaming industry, representing about 4% of the 6.3 billion attacks that were tracked globally.
While there is a segment of players who are against the in-app purchase model, or the free-to-play business model, overall there have been a massive rise in gamers who are willing to exchange real money for virtual currency. Criminals are well aware of this trend towards in-app purchase models and seek to exploit them whenever and wherever possible. Criminals also focus on scamming mobile players who are looking to spend real money on in-game items such as skins and custom character enhancements.
Looking at the attack landscape, SQL Injection (SQLi) is still the number one attack vector, with 76% of attacks across all Akamai customers taking this format (59% in gaming). SQLi is followed by Local File Inclusion (LFI) attacks at 24%. Mobile games and web-based games are big SQLi and LFI targets, because criminals who successfully pull off attacks against these platforms will gain access to usernames and passwords, account information, and anything game-related that is stored on the server. If exploited, these flaws can also be used by criminals running resource farming operations, where bots (automated accounts that act like a player) grind out resources or in-game items that can be traded or sold.
Criminals go where the money is. And these days, there is real money to be stolen in the virtual world of gaming. Hence it is vital for gamer and gaming companies to look at securing their digital assets from these emerging threats.
ELE Times: What can be done at the user’s end to ensure a secured platform while playing online games?
Gaming companies have a huge responsibility to provide a secure gaming experience however there is also an onus on those who play them. They must understand that their security can be compromised if they don’t take the right steps to protect themselves. The following tips could help the gamers for a safer experience:
- Installing antivirus software and keeping it updated: Effective antivirus protects the user from many types of malware.
- Using Unique Passwords: One of the most common ways hackers steal information is by procuring a set of username and password combinations from one source and trying those same combinations elsewhere. Hence it is advisable to never use the same passwords for more than one account. Using strong unique passwords that include combinations of letters, numbers and special characters reduces risk.
- Multi-factor authentication: Enabling multi-factor authentication for gaming systems where possible reduces the risk of remote logins to your account.
- Using VPN: A VPN encrypts the internet traffic, routing it though a server owned by the VPN company allowing you greater privacy of data.
- Avoid clicking on unknown links: Gamers should avoid clicking on links sent to them by untrusted sources. If a gaming company emails you with a link to your account, it would be safer to log in to your account separately rather than clicking the link, just in case the email has been spoofed.
ELE Times: What is your foresight for the future of Gaming as an industry as well as the user experience?
People have always indulged in gaming for entertainment. Due to the lockdown, many people have enjoyed watching games as much as they have played them. For passionate gamers and because of the money involved, this has also become a side gig.
Ranging from streaming games, playing, providing commentary to offering tutorials, there are many ways to make money on gaming platforms. Better accessibility to devices and cheaper data prices are helping the gaming sector gain broader reach, thereby spurring its growth.
Cloud gaming could also gain prominence in India once 5G hits the country at scale as it will provide a better gaming experience and consumers can opt to pay more or switch connectivity providers for the new gaming experience.
While 2020 and 2021 have accelerated the step forward for the Indian gaming industry, it is still just a step in the long journey. Along with traffic increases, people’s expectations for the speed and quality of their digital media experiences are going up as well. The industry needs to continue to utilise trusted infrastructure to be able to meet these rising consumer expectations.
Gaming providers should ensure their content distribution and computing platforms utilise a secure infrastructure that effectively safeguards customer data when delivering a fast and reliable user experience. Mobile app operators should know about every single installation of the app with proper identification and deactivate when they detect suspicious behaviours. As India’s gaming industry tries to overcome challenges around security and user experience, it is vital for companies to optimise their pre-game experience by providing faster, reliable downloads. Improve user engagement and time spent on apps, increasing monetisation and in-game purchases.
Given Akamai’s knowledge and expertise of working with the leading companies across the world, starting from North Asia, other regions in Asia Pacific and in North America, we will continue to work as a strategic partner to Indian gaming companies as well. We are focussing on accelerating the growth of the industry and our ‘Gaming start-up accelerator program’ is a testament to our commitment towards empowering and securing India’s gaming industry.
Mayank Vashisht | Sub Editor | ELE Times