With the news always full of stories about massive data breaches, whether they're genuinely huge or just a false alarm, it should come as a surprise to learn that the risk of cybercrime affecting gaming has never been greater than at any time before. With billions of PCs, consoles, and phones being used around the world for playing games, and over 200 billion cyberattacks a day, it would seem that no gamer is safe. Fortunately, that's not the case, and even though you shouldn't be completely unconcerned about it all, a lot is going on behind the scenes to combat the rise in cybercrime.
Recently, I sat down with Cloudflare's chief security officer, Grant Bourzikas, to talk about all things Internet and cybercrime, and what it all means for PC gaming. You've quite possibly heard of Cloudflare before, perhaps even seen the occasional webpage pop up stating that it's checking the security of your connection when trying to access a particular site.
Cloudflare handles around 20% of all the total traffic on the internet, with servers in 350 cities across 120 countries, and it not only provides web security services for gaming companies, but it also hosts things like patches, game servers, and so on. And precisely because it's so big, Cloudflare has a pretty good handle on just how bad nefarious cyberactivity really is.
"We see about 225 billion—billion—attacks a day," said Bourzikas, "which is pretty substantial."
That seems considerably more than just 'pretty substantial' to me, but I guess when you're working in this particular industry, such numbers don't seem quite as shocking as they do to the likes of me! I asked him about whether PC gamers are considerably more at risk of being victims of cybercrime than, say, 10 years ago.
"There's much more risk today than there was 10 years or 20 years ago. Because hacking is much more of a criminal based organisation. More nation states are involved. And so what I would tell you is that there are more attacks than there were 10 years ago. They're more targeted attacks, right? So they may be looking for people, and so I think that that is substantially higher."
We also chatted about what specific attacks are common in gaming: "What we see are things like account takeovers, right? So you lose your user ID and password, and somebody takes your account, sells it. They take your account, you know, trash it, you know, sell everything off.
"The attacks that I would see most likely are phishing, and so somebody gets an email, clicks on, takes over your computer. The ones that I probably am most worried about, and we've all done this, is you're looking for, like, a free tier; I want to know what what person, or what game, or what gun, or whatever it is, is the most powerful, and you Google the company, free tier ranking."
We see about 225 billion attacks a day, which is pretty substantial.
Grant Bourzakis, Chief Security Officer, Cloudflare
Email phishing is commonplace outside of gaming, of course, but Bourzikas' point about phishing websites trying to lure in unsuspecting gamers via websites offering free items, gold, or even just tips on getting the best free stuff is a pertinent one. That's because one can no longer rely on the 'lock icon' in your browser's URL bar to tell you that everything is all safe.
Anyone can set up a gaming site, have all the correct certification and credentials, and pass off as being perfectly legitimate. It's only when you notice some of your accounts are no longer accessible that you realise it was all a ruse to get you to hand over key information to gain access.
Proper gaming companies, of course, use the likes of Cloudflare to host their content and services as it uses a host of systems to prevent anyone from sneaking in and doing a dirty on you. Plus, having so many servers around the world means that when you want a patch or an online match, you're likely to get a fast, low-latency connection, but there's a handy rack of computers providing it all not too far away.
Gaming PCs themselves are more at risk than consoles, but only because there's more stuff to manage and it's easier to accidentally download and install malicious software, for example.
Naturally, there's plenty you can do to help out in this respect: keep your operating system and antivirus software up to date; install hardware drivers that include a critical security patch; change the default admin password on your router and update its firmware, if possible.
You might think that cloud gaming is actually super secure, because all you're actually doing is streaming a video broadcast from a server to your device. Bourzikas explained that it's not quite as clear-cut as that.
"I always say cloud is way more secure and way less secure now, because … you can leverage Cloudflare and be the most secure organisation in the world. You can also just turn on the website, not protect it, and not be very secure, right? And this is something that we see. We see breaches all the time … they didn't implement MFA, they just used a generic password."
Best gaming PC: The top pre-built machines.
Best gaming laptop: Great devices for mobile gaming.
So that's something else we can do as an individual to keep safe: enable multi-factor authentication (MFA) or, if it's not an option, bail out and choose a different, and more secure, service. And if that's not possible, use an expendable email account and a password that's completely unique to that service, rather than your normal one.
While none of us mere gaming mortals can ultimately reduce the risk of being a victim of cybercrime to zero, there's clearly plenty we can do to help minimise it. And as Cloudflare has explained, so too can gaming companies.
Just remember this the next time you see your browser checking the security of your connection when you've headed off to a gaming site: the delay might be a bit annoying, but it's way better than being an additional number in the frightening cybersecurity statistics.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
