Gamasutra is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
December 9, 2019
arrowPress Releases

If you enjoy reading this site, you might also want to check out these UBM Tech sites:


2016: The Year the Video Game Industry (Finally) Realized Its Cybersecurity Problem.

by Matthew Cook on 12/30/16 12:48:00 pm   Featured Blogs

The following blog post, unless otherwise noted, was written by a member of Gamasutra’s community.
The thoughts and opinions expressed are those of the writer and not Gamasutra or its parent company.


As the year comes to a close and the world looks forward to 2017, it’s important to look back on significant events that have made an impact on our industry,  and to learn from them.

We’ve seen some troubling events happen in 2016, particularly as it relates to cybersecurity. From Pokémon Go getting hacked within the first two days of its release, to the FBI indicting scammers who swindled Electronic Arts (EA) for millions in in-game currency, there have been plenty of cyber attacks that have, and will continue to, affect video game developers, publishers, and players.

Reflecting on the past year, there are three major cybersecurity trends that have emerged that had an enourmous impact on the video game industry in 2016, and which will doubtless continue to do so in the upcoming year:

  1. Increasing awareness. When we started Panopticon Labs three years ago, Kaspersky Labs was the only organization talking about the cyber threats faced by the video game industry. Now, it is all over the news, as cyber attacks on video games increase in frequency and their resulting financial and reputational damages are realized. In fact, Trend Micro released a report in October detailing the increasing threats to the video game industry through the use of the gray market for online video game currency and items.
  1. The industry and media are starting to assign real money value to the losses that the industry is facing. From talking to video game publishers and through our own industry research, we have found that video game publishers lose up to 40% of their in-game micro-transaction revenue due to fraudulent and abusive activity inside of their games. However, there are many ways in-game fraud can erode video game profits – from decreased ad revenue, to increased staff costs, to server and legal fees.
  1. Government/legal involvement. Real money is being lost and real people are being hurt. Sooner or later, the government is going to regulate the industry in relation to fraud and protecting their customers. We are encouraging the industry to develop its own standards to avoid government involvement as much as possible.

In short, it appears that the video game industry is finally realizing what we’ve been warning publishers about since we founded Panopticon Labs in 2013. As the first in-game cybersecurity company to protect online video game publishers from the financial and reputational damage of in-game cyber attacks, we're uniquely positioned to help mitigate the threats facing publishers today and in the future, But for this to happen, executives and operations-level folks must come together, acknowledge the true size and scope of the challenges in their current fraud and risk environment, and put a pragmatic plan in place designed to neutralize bad actors' corrosive affect on the games, and the virtual worlds, we love. I know it's not an easy task, and nobody likes talking about these issues, but in our current monetization enviromnent, where an online game's financial success often depends on reviews, Let's Play videos, and continued mictotransaction sales made by players who return to compelling virtual worlds again and again, they must be addressed.

For reference, below is a detailed timeline of cyber incidents in the video game industry throughout 2016:

2016 Year In Review

MARCH 15: Valve’s Steam Platform is attacked by Steam Stealer malware, resulting in 77,000 accounts being “hacked and pillaged” each month

APRIL: Supercell | Clash of Clans: COC announces its Fair Play initiative, and asks Clan leaders to take its “Fair Play Declaration”

JUNE 3: Blizzard | Overwatch – Within the first week after release, Blizzard permanently banned thousands of players for cheating

JUNE 8: TechCrunch publishes “The gaming industry can become the next big target of cybercrime,” and heavily quotes Panopticon Labs co-founder, Matt Cook

JUNE 22: Trion Worlds – CEO Scott Hartsman “has spent more time combating fraud in the last couple years than making games”

JULY 7: Blizzard sues Overwatch cheat makers for copyright infringement, citing that they have led to a loss of “millions or tens of millions of dollars in revenue”

JULY & AUGUST: Niantic | Pokemon Go – First hack is seen within 2 days of release; the game is flooded with bots that overwhelm the servers; and it has lost 79% of paying players since launch. Niantic permanently bans players who use bots or other cheats and hacks, and threatens bot makers with legal action.

AUGUST 1: G2A is accused by TinyBuild of selling $450,000 worth of stolen game keys

AUGUST 11: Riot | League of Legends – Riot sues LeagueSharp for making LoL cheats, alleging that its cheats disadvantaging its 67 million monthly players and calls it is an “enormous threat.”

OCTOBER: Akamai releases results of “Gaming Trends and Challenges” Customer Survey, which cites account hacks and content theft as 2 of the top four security challenges facing game companies and improving customer retention as their #1 business challenge

OCTOBER 5: Valve | Counterstrike:Global Offensive – Washington State Gambling Commission orders Valve to take actions to ensure that CS:GO skin gambling is halted and threatens criminal prosecution for failure to stop the behavior. Commission cites that one company alone made around $1 billion by facilitating gambling in 7 months’ time

OCTOBER 10: TrendMicro releases “The Cybercrimal Roots of Selling Online Gaming Currency” report, which explicitly connects the gray market with the larger cybercrime ecosystem

OCTOBER: Panopticon Labs co-founder, Matthew Cook, presents “The Online Video Games Gray Market: What? Why? And How?” at Akamai Games Summit and participates in National Cybersecurity Alliance NASDAQ Cybersecurity Summit. He is quoted in Scientific American (also picked up by Salon), The GuardianMarketWatch, and IEEE Spectrum

OCTOBER 31: CCP | Eve Online – Bans in-game gambling and removes an estimated 30-40 trillion Isk (equivalent to $650 million) from the in-game economy prior to adding a free-to-play option to the game

NOVEMBER 14: Electronic Arts | FIFA – Hackers steal $15M to $18M in coins over 2 years; FBI gets involved; hackers go on trial

NOVEMBER 18: Sony attributes a rash of Playstation account hacks to phishing scams.

DECEMBER: South Korea passes a law that makes developing and selling of hacks and cheats that are not allowed by video games’ Terms of Service illegal, with a punishment of up to 5 years jail time or $43,000 in fines.

DECEMBER 7: PCGamer publishes an article titled “Why is it so hard to stop cheating in videogames?” which provides an in-depth discussion about the difficulties publishers face in beating hackers and cheaters.

Related Jobs

Square Enix Co., Ltd.
Square Enix Co., Ltd. — Tokyo, Japan

Experienced Game Developer
Counterplay Games Inc.
Counterplay Games Inc. — Emeryville, California, United States

Next-Gen Platform Engineer
Counterplay Games Inc.
Counterplay Games Inc. — Emeryville, California, United States

Senior Gameplay Programmer
Disbelief — Chicago, Illinois, United States

Senior Programmer, Chicago

Loading Comments

loader image