Cyber attackers are targeting the video game industry more than ever. In this VB Live event, security experts share the secrets to proactively securing your environment and protecting against the increasing number of hacks, DDoS attacks, and more.
Don’t miss out! Register now for free.
Cybercrime will cost the world $6 trillion annually by 2021, and the video game industry in particular is being targeted. Indie game developers, such as those like free-to-play gaming company Smilegate West, are particularly vulnerable.
Smilegate is known particularly for CROSSFIRE, a popular first-person online shooter, and to monitor and combat fraud, says Arash S.Haghighi, Smilegate’s manager of infrastructure, they have not just anti-fraud tools, but a security team on the clock 24/7.
When attacks happens, Haghighi says, they’ve discovered how important it is to be able to analyze the scope of the attacks, find the issue, and begin to resolve it immediately — before repercussions can start to multiply.
And that’s because they’ve thought ahead, he adds, which is the central key to ensuring your game is as secure, and as defensible, as possible.
“We have the policies and procedures in place, we know our architecture, and which parts are most vulnerable,” Haghighi says.
For example, if your service will be just serving on a port AT or 443, when you launch the service, you don’t need to open another port to the public. It’s the kind of planning that needs to start in game development, and needs be on par in importance with things like character design and monetization strategies.
“Before launching any actual game, any new service, you have to have your architecture and your security plan designed,” Haghighi says. “Your design has to be secure, and has to include security procedures and policies, including which ports and IPs should you open to public.”
Not only are you securing your service, you’re also ensuring you know exactly how to navigate your system’s build and mitigate an attack.
Once you launch your game, it takes systematic monitoring, whether that’s via third-party tools or an in-house security system that detects and alerts your team that fraud is occurring — or, in a review of game logs, detects that it is likely to have occurred.
Smilegate doesn’t just keep an eye on external attacks like DDOS, brute force attacks, and security injection attacks; they’re also looking for in-game cheating as well, by monitoring gameplay with a tool that detects cheating software or other unauthorized use of the game or its resources.
When a user connects to the game online, the anti-cheating software checks the course of a game, the game files, and hardware RAM to identify unauthorized third-party programs — add-ons, mods, hacks, etc. — running simultaneously with a game and modifications to game files which facilitate or support cheating.
In fact, they consider being proactive across all of their vulnerable points one of their most important security tools. This includes both employing your very own hackers in web tests, or penetration tests, of your own site and service across the board, and running security tools in account managing systems that monitor user activity and IPs. This is particularly important in catching fake user accounts that are deployed to steal personal data from legit players.
“Our users are very important,” Haghighhi says, “Which is why we have security and disaster recovery plans. We are not going to lose any data.”
To learn more about how to design a more secure game from the ground up, detect and act against cyberattacks, and protect both your users and your reputation, don’t miss this VB Live event!
You’ll learn about:
- How to prevent data breaches, SQL injections, cross-site scripting, remote file inclusion, and other cyberattacks
- Integrating cloud and on-premises solutions
- How to handle larger, Internet-scale attacks
- Preventing the reputation hit that hacked accounts or downed sites bring
Speakers:
- Ryan Safarian, VP Engineering, JumpRamp Games
- Arash S.Haghighi, Manager of Infrastructure, Smilegate West
- Stewart Rogers, Analyst-at-Large, VentureBeat
- Rachael Brownell, Moderator, VentureBeat
Sponsored by Akamai