Over the last two decades, video games have improved significantly and expanded their user base to hundreds of millions. E-sport leagues have popped everywhere to make things even more entertaining and professional. Huge companies now invest in e-sport teams to promote their products, and the gaming industry has become a massive market with a lot of money in it.
And where there’s money, the criminals follow, and cybercriminals are becoming more and more dangerous to gamers. According to data by cybersecurity company, Atlas VPN gamers are targeted by 14 million credential stuffing attacks daily. Luckily, gamers can turn to password managers like NordPass, a good password manager for Firefox and other browsers, to secure their online accounts.
In this article, we’d like to enumerate three reasons why gamers should worry about cybersecurity, and how a password manager can improve their online safety.
Why should gamers worry about cybersecurity?
Cybercriminals are targeting both gamers and game development companies. There’s an elaborate article about game business cybersecurity issues on security magazine, but we’d like to draw attention to the dangers that gamers themselves are facing.
Video game accounts have become an expensive thing to have. Be it League of Legends account with numerous legendary skins unlocked, or your Battle.net account with various monetized games – you can spend money on all of them. And it’s a fun thing to do, customizing your hero to look different than others, or having paid premium subscriptions can enhance the gaming experience for the better.
However, because people spend a lot of money on their gaming accounts, cybercriminals began stealing them. A cyberattack may seem like something that “always happens to someone else”, but the Internet is filled with stories of how people got their gaming accounts hacked and then sold on the black markets. Having a few cosmetics stolen might not hurt much, but imagine if someone gained access to your steam account? The financial losses can be tremendous.
What is credential stuffing?
Credential stuffing attack is an easy-to-execute cyber attack that has been gaining in popularity for a while now. The main reason for this is that it requires minimal hacking skills to perform, and the financial gains of a successful attack can be pretty good. So what is credential stuffing attack and why gamers should worry?
Credential stuffing attack is when a hacker obtains a list of leaked username and password combinations and tries them on different services. For example, a person had an armour games account that leaked last year. The leaked information was sold somewhere on online black markets and obtained by a cybercriminal. He or she then takes these credentials and tries it on another service (Netflix, for example). If the same credentials were used then the account is stolen and can be sold once again for profits.
This attack is very straightforward. All the cybercriminal needs are to obtain a list of username-password combinations. And some of these can come as cheap as a few dollars, which is why a lot of cybercriminals are turning to credential stuffing. Then automation service is used to attack millions of accounts one after another, and even with a less than one per cent success rate, the attack is considered a success.
It’s that easy.
And because gamers have a lot of accounts, they do have a lot of usernames and passwords. And some of them do use the same username and password for different services, making them vulnerable to credential stuffing attacks. But there’s a straightforward way of protecting your online accounts against this danger – a password manager.
Password managers have been around for about two decades, but only recently they have gained in popularity. Because cybercrime is so common these days, people started worrying about their online safety and buying cybersecurity software. That’s how password managers became a pretty common thing to use and a very comfortable way of protecting online accounts.
First of all, a password manager stores all passwords in a safe and encrypted vault. Instead of remembering each one of your passwords, you can have complicated, long, and different passwords for each of your accounts. Furthermore, good password managers offer autofill function, which will fill in the password automatically without the need for any typing. Once you’ve tasted auto-filling going back to inputting passwords manually is pretty frustrating.
An important thing to look for when choosing a good password manager is zero-knowledge architecture. This means that the vault that has all the passwords in it is accessible only to the owner of the passwords. In other words, not even the password manager developers can access the passwords, reducing the risk of leaking them significantly.
As you can see, a password manager will directly protect against credential stuffing attacks, because you’ll never have to use the same password twice again.
And because we’re spending so much time at home during quarantine, gaming has become that special activity to spend countless hours on. And it’s best to enjoy gaming when you know you’re doing it safely!