eSports
The role of cybersecurity in eSports

As the online gaming and esports industry has become valued at over $100 billion, it also has become a prime target for cyber threats. The majority of PC games are delivered through digital platforms, such as Steam, and users ultimately store their credentials in these platforms (including bank information). Thus, digital platforms like Steam, EA Origin, Blizzardās Battle.net, and a handful of other digital game clients are ripe for malicious attacks. Steam alone has over 125 million users. Also at risk are game-specific clients, such as Garenaās League of Legends.
With so many gamers not thinking twice about storing payment account information in platforms like Steam, itās absolutely certain that hackers will continue to target these digital gaming clients. And because e-sport conventions attract massive crowds, all connecting to public WiFi, these events are prime targets for malicious attacks.
To combat this threat, client developers should make security a top priority. Digital platforms need to undergo rigorous pen-testing, from the best IT security consultants available. Gamers also need to make sure their clients are always up to date, and to be extremely wary of what actions they perform while connected to public WiFi networks, such as at esport conventions. Connecting to a VPN would also add a layer of security – you can choose a good VPN from this list.
This isnāt a hypothetical scenario – hackers can and have breached these game platforms, stealing large amounts of customer data. In fact, the developers of Kaspersky Antivirus raised serious concerns over the discovery of malware known as the āSteam Stealerā in 2016.
The āSteam Stealerā reportedly steals the account credentials of 77,000 Steam members each month and, with 1,200 types of malware in activity, Kasperskyās researchers, Santiago Pontiroli and Bart P, claim these data breaches have āturned the threat landscape for the entertainment ecosystem into a devilās playgroundā.
Later in 2017, hackers managed to get into the database of ESEA (E-Sports Entertainment Association League), threatening to release the details of over 1.5 million user accounts, to the ransom of $100,000. ESEA is one of the leading matchmaking services in online gaming, and offers professional tournaments with cash-based prizes for popular games like CounterStrike: Global Offensive, and Team Fortress 2.
ESEA advised players to secure their accounts, while working to patch the vulnerability. The hackers later also breached the ESEA game server infrastructure, changing ever playerās karma rating to a score of ā-1337ā.
Then in late 2018, a critical bug was uncovered in EAās Origin client, by an independent security researcher. The bug allows a malicious entity to scrape account data. The independent researcher, online handle Beard, explained the bug:
“The bug occurs when you use the EA Origin client but request to edit your account on EA.com […] The EA Origin client will spit out an auto-login URL, in which the token is basically the equivalent of your active username and password.”
Auto-login URLs are fairly common, and are typically based on a userās cookie files stored on their device. However, this was not the case with the EA Origin auto-login URL, which allowed using the URL without any prior authentication. An attacker could then guess a userās security question, hijack the account entirely, and use any kind of stored payment method associated with the account.
The scariest thing about the bug was how these auto-login URLs could easily be harvested from unsecured WiFi networks. If an attacker were to hit an esport convention where a large number of users were connecting to a public WiFi, and then logging into EA Origin accounts, the damage could have been massive.
Fortunately, the independent researcher quickly notified EA of the bug, and a patch was quickly released. It is, however, just one example alongside others weāve shown, of how tiny security flaws can put millions at risk.
-
Africa7 days ago
New Governing Board of the Gaming Commission of Ghana Sworn in
-
Asia7 days ago
Macau Government Extends Lottery Concession of Macau Slot Until 5 June 2026
-
Latest News7 days ago
Week 26/2025 slot games releases
-
Africa7 days ago
QTech Games hires Ekaterina Mayorova as sales lead for Africa & Eastern Europe
-
Industry News6 days ago
CHIPS confirmed as Clarion Gaming charity partner ahead of appearance at iGB Affiliate Awards
-
Central Europe7 days ago
German Federal Government Significantly Increases the Budget for Games Funding
-
Compliance Updates7 days ago
Nick Rust to Step Down as Chair of UKGCās Industry Forum
-
Conference7 days ago
Amatic Industries Showcased its Latest Innovations at Peru Gaming Show 2025