Who doesn’t enjoy playing online games these days? Whether it’s for entertainment, relaxation, challenges involved, or simply to bond with other people, we’ve all been gamers at least once.
With the rise of technological innovation and Internet usage growth, online gaming is, by far, one of the fastest growing industries, and also a hunting playground for cybercriminals eager to watch, learn and steal.
Having a partner that truly understands the importance of focusing on security habits in a dynamic and growing industry is an excellent opportunity for the DefCamp community to learn more.
As we know, many online games use digital currency for players to accumulate and trade between accounts, potentially making their accounts extremely valuable. Emotional value aside, there is also a monetary profit involved which can be exploited by malicious actors.
In regard to some of the most frequent cyber attacks targeting gamers, Mihai observed that:
Cyber attacks can come through diverse tactics, pending on the ecosystem within which they occur. They can target gamers directly, as well as gaming infrastructure.
Within EA, we do our utmost to prevent different types of attacks or cheating that can happen and ensure a fair and fun field of play. I can mention here our efforts to prevent piracy and cheating in our games using various techniques like anti-reverse engineer solutions, preventing bots from playing, etc.
This is a continuous effort across multiple Electronic Arts teams, all around the world, covering a very diverse skill set and technologies. The local team in Romania contributes significantly to this effort in creating a safe gaming environment for our players.
We are aware of all the challenges involved in this fight against cyber threats, and we truly admire how the Electronic Arts team strives to build and offer a secure place for gamers.
As an avid gamer, you’ve probably ignored or superficially looked at security measures more than once, when introduced to a new game. However, cybersecurity awareness is still an essential lesson that needs to be learned and applied.
Mihai told us how his team promotes stronger security habits through the user onboarding flow, and what it works best to encourage doing things like setting strong passwords.
Achieving a good balance between usability and security is always hard to maintain, but we are constantly aiming to ensure the safest environment for our players. We are taking precautions toward the security of our players’ accounts throughout their lifecycle – starting with initial password requirements, additional login verification and continuing with advanced monitoring and analytics of any suspicious activity.
By now, you probably notice that keeping players safe is a top priority for Mihai and the team at Electronic Arts. Speaking of players, a recent study shows that gamers are likely strong candidates for information security roles. Could they be an answer to this global workforce gap the cybersecurity industry is currently facing?
What are some key skills they possess and what type of projects could attract them to this field?
Mihai told us that:
Gamers are indeed strong candidates for cybersecurity roles due to their perseverance and curiosity, as well as the ability to think outside the box, which is key to have successful careers in cybersecurity.
Moreover, gamers tend to have high principles and morals over the gaming experience, which they like to keep as pure and untampered with as possible, so this is also very important for companies like EA, that are constantly looking to provide end-users with the best experience.
Especially with EA, if you are a passionate gamer and have the right skills, there is a great opportunity to use both in creating what you will play next.
The gaming experience is increasingly more connected and engaging for all players involved, but it can also be an interesting target for malicious actors.
We were curious to find out from Mihai what are the priorities in securing the massively distributed, complex infrastructure behind online gaming.
Here’s what Mihai thinks about this emerging issue:
The response time is key to limiting a potential threat footprint.
Just as well, it is ever so important to keep a step ahead of any game and to be fast in preventing any issue by anticipating any occurrence. So, in this regard, it is important not only to keep up with the very fast-paced environment we operate in, as well as to ensure no stone is left unturned when testing your product’s from security and privacy perspective.
Maintaining security on such a diverse and distributed environment requires not only to have the best people but also using the latest cutting-edge technologies and outside the box thinking.
Aside from using the latest technology tools and hire the best people, there are some practical ways in which the gaming industry can increase cybersecurity awareness and make it more approachable.
Here’s how Mihai tackles this:
When looking at the gaming environment, there are many things that you can apply in cybersecurity. To name just a few: teamwork, reactions’ speed, finding new ways to solve difficult challenges – these all are very useful abilities that you need to use in order to have an effective cybersecurity response function.
On an organization level, using the strategy from gaming like gamification of security awareness campaigns is quite useful in making it more approachable and driving higher attention from users.
Raising cybersecurity awareness and creating cyber hygiene practices in organizations remain a constant challenge and a long-term process that need to be pursued. The fight is far from being over.
If you’re curious to explore more, we wait you in the gaming area located in the Hacking Village, where you can meet part of the Electronic Arts team at DefCamp #9, in Bucharest, in less than 48 hours!
DefCamp is powered by Orange Romania and it’s organized by the Association “Research Center for Information Security in Romania” (CCSIR).
DefCamp 2018 is sponsored by Ixia, Keysight Business, SecureWorks and Intralinks as Platinum Partners and it’s supported by IPSX, Bit Sentinel, TAD Group, Enevo, Crowdstrike, CryptoCoin.pro, Siemens, Alef, UiPath, Atos, Electronic Arts and Kaspersky Lab.