Q&A: Online gaming and cyber security, with Limelight Networks’ Steve Miller-Jones

As Vice President of Product Strategy at Limelight Networks, Steve Miller-Jones focuses on driving the long term product roadmap for the company with a focus on delivering the highest quality online experiences. In this Q&A, Steve explores the cyber threats brought into focus by online gaming.

What are some of the most common security risks to gamers?

The global perspective of online gaming has changed drastically in recent years. New games being released every week coupled with high-speed internet connections has helped skyrocket the popularity of gaming online. But this popularity is a double-edged sword.  High-profile gaming platforms with large subscriber bases provide cyber criminals with the perfect opportunity take advantage of ill protected gaming content. With a wealth of personal and financial data up for grabs, these cyber threats and the associated service disruption is enough to turn gamers away for good.

With the gaming industry booming, we will undoubtedly see DDoS attacks during key events such as new game launches. Only a few months ago, Call of Duty: Warzone players saw significant lags caused by DDoS attacks and applications attacks against their authentication services. The applications attacked are starved of resources, and performance and quality are significantly degraded. Despite the mass scale outrage from game players, investigations into the source of these breaches can still take a long time to come to fruition. The reasons for such attacks are varied, but the intent is to certainly to cause disruption, and can also be to try to use the disruption to hide additional attack vectors designed to gain access to valuable assets such as user data.

Adopting proactive real-time detection helps to keep ahead of the cybercriminals and mitigate these and other attack vectors before they can cause impacts to gameplay, or worse, result in the theft of data. Monitoring web traffic is a quick way to identify the unwanted DDoS attack. In the event of an attempted attack, services are available that can identify the attack and ensure that incoming requests are quickly moved to on-network scrubbing, ensuring that only legitimate traffic is passed to your web infrastructure.

In the State of Online Gaming report’s findings, mobile phones remain the primary gaming device followed by computers, gaming consoles and tablets. How secure are mobile phones from cybercrime compared to gaming consoles and tablets?

The device itself is not inherently more or less safe, however our interactions with a phone are fast, this means we need to be cautious, as users, of the mobile applications, services and messages that we interact with.

Phishing attacks have become increasingly popular and are designed to fool the user into thinking that they are interacting with a legitimate service by mimicking behaviour and appearing to be legitimate, so being vigilant as a user is important.

Protecting yourself from cybercrime doesn’t need to be difficult or expensive. Using password protection services is a simple and effective way to be able to use many different passwords, without the fear of forgetting them!

Looking at gaming applications, it’s evident that malware is ever present and is being used to target a variety of gaming platforms. But malicious code that is installed through a seemingly legitimate app on a mobile phone can still be weaponised to attack applications and infrastructure. This is where using a good WAF and BOT Management solution can be handy. It can help secure applications and infrastructure from attacks designed to “break into” application environments and access user data, for example.

Watching gamers play video games online is more popular than watching sports for 18-25 year olds. As esports continues to grow in scale and scope, what solutions are available for the industry to help protect the integrity of competitive matches?

Protecting the integrity of live events is something that CDNs have been helping our customers do for a long time. There are many techniques that can be used to ensure that users are only accessing the stream via legitimate channels.

Digital Rights Management (DRM) for video is just one way to restrict unauthorised access and distribution of content. It can also be used to ensure users are legitimate subscribers and forensic watermarking capabilities can be used to help track video piracy if it happens, so event organisers and broadcasters can move to prevent further exploitation of content sooner.

Add the scale of delivery and quality offered by CDNs along with reporting and insights into live event traffic, and the gaming platforms are in good hands.

How can gamers protect themselves from cybercrime?

To maintain brand reputation and continue driving revenue, game developers must harness the power of high performing networks that safeguard their content. Being able to distinguish between attempted attacks and general traffic is essential when catering to big audiences. In the event of an attack, it is imperative to be informed of exactly what kind of attack it is to mitigate damage effectively and prevent similar attacks in the future.

A CDNs capacity ensures the ability to passively mitigate most attacks. A high-performing CDN will enhance the gaming experience by providing an “always-on” defence without any adverse effects to the performance.

Do you think there needs to be more education around security when it comes to gaming?

Online gaming has quickly become a global phenomenon, and with more users online, cyberattacks may also increase over the next few months. Users need to be more aware of how they can protect their gameplay by avoiding illegitimate content to keep their data safe and looking to their gaming platform provider to deliver fast and seamless game streaming experiences while protecting them from cyber hijackers.