Cyber threats jeopardize the integrity of esports tournaments

Check Point dedicated itself to a video game theme to coincide with Gamescom in Germany with over 320,000 visitors.

Esports, also known as electronic sports, has experienced a boom in recent years. But while spectator numbers and investment volumes are steadily increasing, the industry is also becoming an attractive target for cyber criminals. These attacks can have a significant impact on the smooth running of tournaments, the reputation of event organizers and the overall perception of esports as a reputable industry. This issue becomes particularly critical as the International Olympic Committee (IOC) will include esports in the Olympic Games from 2025.

Hacker attacks on esports tournaments can take many forms:

1. DDoS attacks: Disruption of tournaments due to server overload, which can lead to game crashes and postponed matches.
2. Phishing and account theft: Hackers target the accounts of professional players in order to gain access to sensitive information and cause financial damage.
3. Cheating: The use of cheats and illegal tools to gain a fraudulent advantage in tournaments is on the rise.
4. Espionage: Security gaps are exploited to steal data and spy on players and teams.

DDoS attacks are particularly widespread and aim to overload servers, which can lead to downtime and problems with gameplay or streaming. Such incidents not only damage the trust of fans and sponsors, but can also result in considerable financial losses for the organizers.

Phishing attacks also pose a significant threat. Attackers often target players’ accounts in order to gain access to sensitive data or even steal valuable in-game items. A well-known example is the case of Czech player Martin zur1s Sláma, who lost his account during a Counter Strike: GO tournament, which not only ended his participation in the tournament, but also caused him financial damage amounting to 300,000 Czech crowns (11,923 euros).

Check Point emphasizes the need to take comprehensive security measures to ensure the integrity of esports tournaments. This includes protection against DDoS attacks, securing player accounts through two-factor authentication, and regular training for players and staff to make them aware of current threats.

Tips for protecting gaming companies and esports teams:

1. Focus on prevention, not just threat detection, and implement advanced preventive security technologies, especially against ransomware and DDoS attacks.
2. Regularly educate employees and players about current threats and risks and the need to use two-factor authentication for all accounts. Many cyber attacks start with a targeted email that does not contain malware but uses social engineering to trick users into clicking on a dangerous link. User education is therefore one of the most important components of protection.
3. Vigilance, especially at weekends and on public holidays, as many attacks take place at times when companies are less able to react quickly to threats.
4. Installation of updates and patches regularly and without delay.
5. Introduce Zero Trust as a principle so that every user can only see the parts of the network and data that they need for their work.
6. Network segmentation minimizes the risk of a threat spreading uncontrollably throughout the entire company.
7. Data backup and archiving are essential. If something goes wrong, it must be possible to restore the data quickly and easily from the backup. Regular and automatic backups, including on employees’ devices, have become essential to protect against encryption and data loss.

With the inclusion of esports in the Olympic Games, the protection of these tournaments becomes even more important. Only through appropriate cyber security measures can it be ensured that esports can continue to grow and establish itself as a serious, global sport.

(pd/Check Point)