The world has gotten a glimpse of hacker warfare this month, with the now-infamous breach of Sony’s security having sparked legitimate international tension. Many assume North Korea was behind the “Sony Hack,” due to the nation’s threats against the company’s action/comedy film The Interview. And, in recent weeks, North Korea has begun to experience its own problems with Internet connectivity. This, of course, appears to be some manner of retaliation, though no details or confirmation of this assumption have been made public. But while all of this has been going on, there was a second Sony hack that raises an issue closer to home for the general public: both Sony’s Playstation Network and Microsoft’s Xbox Live were attacked over the holidays, apparently by known hacker group Lizard Squad, who claimed responsibility.
The hacking of the two major video game online networks didn’t carry the same threat to Sony (or Microsoft) as the original hack, nor did it bring up any sort of implications regarding international “hacker warfare.” But for the average consumer who uses these networks—really, for the gaming community as a whole—it raised some interesting questions regarding security in social gaming environments. On the surface, the attack appears to have been little more than a show of power and play for publicity by Lizard Squad. Yet, Bloomberg reported that one analyst connected to the issue said, “It’s not yet clear whether it’s just an outage of the Playstation Network or if some personal data has been stolen too.” This implies that some Playstation Network users’ personal information could have been obtained in the hack, or at least could conceivably have been available to the hackers.
This isn’t a particularly comforting notion for modern gamers, who are increasingly exposed as video games across all genres and categories are demanding more connectivity. Most anyone who plays video games on a console or computer has an account set up with a name and email address at minimum. But in many cases, it also contains a billing address and card number, a home address, and other personal information. That being said, consider the ways in which other forms of gaming are requiring and/or encouraging more personal exposure.
On the Internet, gamers can remain fairly anonymous and detached in many formats, with many of the big MMO games even requiring minimal personal information to create an account. But the online casino industry, an ever-expanding corner of the Internet video game business as a whole, carries serious security concerns for players. Naturally, the most established sites have strict security measures in place. Leading casino gaming site Betfair features a section on security that details some of these measures, including Information Security Managements, guarantees of the protection of personal information, and even the physical protection placed around the site’s servers—you can view all the info here. Even with such measures in place, this corner of the gaming industry comes with obvious risks. Personal information is clearly connected to a payment method for real money gaming sites, meaning that less secure sites or sophisticated hacking breaches can have major consequences for users.
Similar risks exist in the mobile gaming market, which continues to expand rapidly and is increasingly filled with one-click payment options within games. One of the leading developers, Popcap is a strong example of what’s become known as freemium gaming. Basically, a mobile game following this model (such as Popcap’s hits Plants vs. Zombies 2 and Peggle 2) is free to download, but it provides the opportunity for players to purchase certain add-ons (new stages, upgrades, etc.). This means that even after you make a decision to download a game, it remains connected to your mobile identity and payment method. Also, given that mobile gaming is increasingly focusing on communities and multiplayer options, players are essentially gaming in huge online environments with personal information and payment details (somewhat) readily available.
Thus far, there are no noteworthy instances of major hacks or security breaches that have hurt players in these gaming markets on a broad level. The top sites and developers take security quite seriously, and with more personal security options on computers and mobile devices available these days, consumers can also take steps to protect their personal information. But the hacks of the Sony and Microsoft online gaming communities have, at the very least, raised concerns of security in video games.
– This YATS guest post was written by Jesse Kirkham.