Gaming Companies Get Ready for an Increase in Ransomware Attacks in 2021
Ransomware attacks have the potential to cripple gaming and media companies.
Your content is your business, plain and simple if you’re a media company or a company that specializes in electronic gaming. This means that a cyberattack that affects the manufacturing process of a gaming firm might suffocate the company’s ability to develop and has the potential to wipe out years of hard work. In the case of ransomware attacks, it is evident that media and gaming companies have a significant financial incentive to pay up. Given this knowledge, hackers have targeted media and entertainment industries in particular, with 60 percent of surveyed organizations reporting being targeted by ransomware in 2020.
Companies in the media and gaming industries rely on content.
If you work for a media or game organization, you should be aware of four facts:
Your principal source of revenue is content, which can be in the form of media, video games, subscriptions, or licenses.
Deadlines for production are tight, and all of your assets are digital.
Every minute that clients are unable to access your content results in income being lost.
In light of the industry’s interconnected structure, most media and gaming developers have a large network attack surface, which makes them exposed to attacks that invariably result in a big price tag, particularly in the case of ransomware.
Take, for example, the scenario in which an assault encrypts your servers. For gaming companies, the servers house all of the code, strategies, and stories for all of their games, including some that are not yet available for purchase. If you’re a media firm, those servers house all of the video you’ve filmed for the series you want to one day make available on a streaming platform. If you’re an individual, those servers house all of your data.
Even if you are ultimately able to restore this data, the process of restoring it may cause release dates to be delayed. Furthermore, ransomware attackers frequently take data before encrypting it, which means that the attackers may reveal the plot of your videogame or television show in advance, destroying the suspense that draws in so many viewers and gamers to play or tune in to the show in the first place. Finally, the compromised systems could hold the secret personal and financial information of your customers, putting them at risk of identity theft and financial loss.
However, the loss or exposure of data is not the only issue to be concerned about. Workstations aren’t only places to keep track of a large amount of ongoing work; they’re also critical production equipment that can’t be replaced easily or fast. Examples include the fact that a large amount of media and electronic gaming labor is done on desktop computers equipped with high-end video cards, which are in extremely short supply. Even a very small-scale ransomware assault can have a significant impact on the productivity of media and gaming organizations. If your game is scheduled to be released in two months and all of your workstations are encrypted, you have a major dilemma on your hands (and a huge incentive to pay the ransom).
Attacks like this aren’t simply theoretical possibilities. In February 2021, CD Projekt Red, the company that created the video game Cyberpunk 2077, was the target of a ransomware attack. Although the corporation was able to restore the data from backups, attackers were able to steal personnel information and publish the source code for existing and upcoming games on the internet. Earlier that year, in November 2020, the gaming firm Capcom was hit by a ransomware outbreak known as Ragnar Locker, which caused their systems to be encrypted and more than half a million customer records to be taken.
Although both Capcom and CD Projekt Red are industry giants in the realm of video games, there is a vast universe of independent gaming and media firms to choose from. These businesses may be forced to choose between paying a ransom or going out of business if they do not pay the ransom.
Can you tell me if the gaming and media industries are prepared for advanced cyberattacks?
One thing that media and gaming firms have in common is that they both have high production costs and an uncertain revenue stream. We’ve all heard stories of movies and video games that we’re unable to return their costs. In practice, this implies that game and media firms are encouraged to spend a large portion of the budget on their core expertise. Cybersecurity may be understaffed, leaving organizations vulnerable to hackers.
Phishing attacks are being launched against software developers, especially those working for gaming firms, who are being specifically targeted. Although software developers are typically well-versed in technology, hackers have successfully deceived them using spear-phishing techniques. They are designed to appear as though they are coming from recruiters inviting developers for job interviews or as though they are coming from colleagues asking technical questions. It only takes one click for an attacker to gain access to a network’s infrastructure. Because developers frequently have access to administrator accounts, hackers can use an infected development workstation to migrate laterally via developer networks.
Existing cyber-security solutions, however, are still unable to consistently protect against threats conveyed via email, and many of them rely on users being schooled in security awareness. Unfortunately, the messages that developers receive are more specific, which implies that even common sense and training may not be enough to prevent a breach. This is an example of a situation in which doubling a business’s investment in cyber education is unlikely to result in an organization that is twice as secure.
Companies in the media and gaming industries should use remote browser isolation to prevent data breaches.
However, while media and video game firms may believe that end-user training is their final and best line of protection against phishing attempts and drive-by downloads, there is a better solution available that they may not have realized was there. It is referred to as remote browser isolation (RBI). To make it nearly impossible for customers to download an infected file or be attacked via a phishing site — even when they fall for a spear-phishing scam — RBI has developed a set of rules and procedures.
RBI is based on the concept of an air-gapped system, which is a type of closed system. However, no content from the public internet ever reaches the user’s desktop browser, even though the user views websites using their regular desktop browser in the usual way. The interactive material is being streamed to them from a remote browser that is running off-site, in a temporary container, rather than from their local browser. The malicious files remain in the containerized browser and do not infect the user’s endpoint even if the user visits a phishing site or downloads a PDF that contains malicious code.
Ransomware assaults against media and gaming organizations are particularly appealing since they produce valuable content on tight timelines, making them attractive targets for attackers. RBI enables businesses to secure their networks against the most popular malware and ransomware vectors without having to significantly increase their IT budgets or devote additional resources to haphazard training. Because of this, video game developers and media firms can get back to producing what they do best, rather than worrying about paying a ransom to get their assets decrypted.
