The world of video games, often associated with virtual adventures and escape, is currently experiencing a completely different reality: it is facing a massive wave of cyberattacks, the latter having intensified over the years. At the heart of this turmoil is a coveted digital treasure: sensitive player data, financial transactions, and a complex web of interconnected operations.
Ransomware attacks have seen an alarming growth of 37% in one year, with the average cost reaching a staggering $5.3 million per attack. The US Department of Homeland Security also sounded the alarm, saying ransomware groups were on track for their second most profitable year, largely thanks to attacks targeting large organizations, a practice referred to as “big game hunting”.
Faced with this escalation of cyberattacks affecting the video game industry, it is appropriate to explore an unusual perspective: that of recruitment in the field of cybersecurity within this industry. So let’s dive into this world where protecting games and players becomes a quest in itself…
Video game data reservoirs
The video game industry is much more than just an entertainment industry. It has become a digital treasure trove with immense reservoirs of data, hosting detailed information about players, their preferences, purchasing habits and social interactions within online games. The gaming world handles massive volumes of customer data and transaction details on a daily basis. This mass of data makes it a prime target for cybercriminals, but also an opportunity for cybersecurity experts.
In recent attacks against the video game industry, one technique has particularly attracted attention: social engineering. This method involves manipulating individuals to obtain confidential information.
In this context, cybercriminals have made a notable change by favoring telephone communication over emails. This approach has proven effective due to the lack of awareness and training among employees, unlike email attacks, which are better known and often subject to awareness programs.
Ransomware Attacks and Legal Actions
Although social engineering is a common attack vector, ransomware attacks remain a major threat. However, notable developments have been made to combat these attacks. International law enforcement agencies have managed to take down two of the largest initial access brokers, Emotet and Qakbot. This should potentially reduce ransomware activity in the short term, by removing key infection vectors related to malicious attachments and links.
To face these challenges, video game companies have every interest in adopting a Zero Trust approach to cybersecurity and relying on four fundamental principles:
- minimize the exterior attack surface;
- prevent the initial intrusion;
- block compromised users and insider threats;
- prevent data loss.
Recruitment in cybersecurity: an opportunity
In the midst of this battle looms a valuable recruiting opportunity. The video game industry can play a key role in attracting new talent to the cybersecurity field. On the occasion of Cybermoi/s, several initiatives are launched, aimed at quickly preparing the cybersecurity professionals of tomorrow, including recruitment campaigns dedicated to gamers. These make it possible to identify the “gaming skills” (soft skills likely to be transformed into professional skills) of the latter in e-sport, but also beyond.
According to a study carried out in five countries, the world of work is increasingly appreciating gamer profiles. Among the qualities sought: anticipation, reactivity, cooperation and tactical sense are all qualities developed by video games. They are highly sought after by recruiters.
In the collective unconscious, the gamer still suffers from an image that has little connection with the world of work, but the trend is tending to be reversed: 67% of French recruiters say they have seen more young people (under 25 years old ) mention video games as a hobby on their CV in the last five years. A boon for the cybersecurity sector?