Ransomware Attacks Can Strangle Gaming and Media Companies
If you’re a company that specializes in media or electronic gaming, then your content is your business, plain and simple. As such, any cyberattack that disrupts this production process can strangle a gaming company’s ability to grow—and has the potential to wipe out years of work. It is clear that media and gaming companies have a substantial incentive to pay up when attacked by ransomware. Hackers know this, which is why 60% of surveyed companies in the media and entertainment sector reported being attacked by ransomware in 2020.
Media and Gaming Companies Rely on Content
If you’re a media or gaming company, four things are true:
- Content — whether of media, video games, subscriptions or licenses — is your primary revenue stream
- Production deadlines are tight
- All of your assets are digital
- Every minute that customers can’t access your content means lost revenue
Given the interconnected nature of the industry, most media and gaming developers have a broad network attack surface, making them vulnerable to attacks that inevitably result in a hefty price tag, especially where ransomware is concerned.
For example, let’s say that an attack encrypts your servers. If you’re a gaming company, those servers store all the code, strategies and storylines for all your games, including those that have not yet been released. If you’re a media company, those servers hold all the footage you’ve shot for the series you hope to one day release on a streaming platform.
Even if you can ultimately replace this data, the process of restoration can delay release dates. What’s more, ransomware attackers often steal data before encrypting it, which means that the attackers might release the plot of your videogame or TV show in advance, thereby spoiling the suspense that entices many viewers and gamers to play or tune in. Lastly, the hacked servers could also contain the confidential personal and financial details of your customers, potentially exposing them to identity theft.
But the loss or exposure of data isn’t the only problem. Workstations don’t just store a lot of ongoing work, they’re also essential production tools that can’t be easily — or quickly — replaced. For example, lots of media and electronic gaming work is performed on desktops with high-end video cards—and these components are in extremely short supply. Even a relatively small-scale ransomware attack could wreck productivity in media and gaming companies. If your game is set to ship in two months and all your workstations are encrypted, you have an enormous problem (and a huge incentive to pay the ransom).
Attacks like this aren’t just hypotheticals. In February 2021, CD Projekt Red, the makers of Cyberpunk 2077, was struck by a ransomware attack. Although the company was able to restore the data from backups, attackers stole personnel data and leaked the source code for current and upcoming games on the internet. Just a couple of months earlier, in November 2020, gaming giant Capcom was struck by a ransomware strain known as Ragnar Locker in which their servers were encrypted and more than half a million records were stolen.
Both Capcom and CD Projekt Red are industry leaders in the field of video games, but there’s an entire universe of independent gaming and media companies out there. These organizations may have no choice other than to either pay a ransom or go out of business.
Are Gaming and Media Companies Prepared for Advanced Cyberattacks?
One thing that media and gaming companies have in common is a high cost of production and an uncertain outcome in terms of revenue. We’ve all heard of movies and games that fail to recoup their budgets. What this means is that gaming and media studios are incentivized to spend much of their budget on core competencies. Cybersecurity may be underfunded, leaving companies exposed to hackers.
Meanwhile, software developers–including those working for gaming companies–are being specifically targeted via phishing attacks. Although software developers are usually tech-savvy, hackers have successfully tricked them using spear phishing methods. Messages are crafted to look like recruiters inviting developers for job interviews, or colleagues asking technical questions. It only takes one click for attackers to get a toehold in the network. Developers often have access to administrative accounts, which means that hackers can use an infected developer machine to move laterally through developer networks.
Current cyber-security measures still can’t reliably protect against threats that are delivered via email, and many of them rely on users being trained in security awareness. Unfortunately, the messages that developers receive are more targeted, which means that even common sense and training might not do much to prevent a breach. This is a case where doubling an investment in cyber education isn’t likely to result in the organization being twice as secure.
Media and Gaming Companies: Prevent Data Breaches with Remote Browser Isolation
While media and video game companies may feel that end-user training is their last and best defense against phishing attacks and drive-by downloads, there’s actually a better option they may not have considered. It’s called remote browser isolation (RBI). The goal of RBI is to make it almost impossible for users to download an infected file or be attacked via a phishing site — even if they fall for a spear-phishing attempt.
RBI is based on the concept of an air-gapped system. The user visits websites using their regular desktop browser, just the way they normally would, but no content from the public internet ever reaches the browser. Instead, their browser is actually streaming interactive content from a remote browser that’s running off-site, in a temporary container. Even if the user visits a phishing site or downloads an infected PDF, the malicious files stay in the containerized browser without ever infecting the user’s endpoint.
Media and gaming companies produce valuable content on short deadlines, which makes them attractive targets for ransomware attacks. RBI helps companies lock down the most common vectors for malware and ransomware, without dramatically increasing the IT budget or focusing more efforts on hit-or-miss training. This means that gaming and media companies can get back to doing what they do best, without worrying about paying a ransom to decrypt their files.