When you play a video game, you probably want to win, or at least show off real skill. Cheaters make it a lot less fun, according to a recent Irdeto Global Gaming Survey.

It says 60% of all online video game players across the globe have had their gaming time negatively impacted by cheaters. These digital cheaters use various methods at their disposal, including viruses, exploits and hardware and software modifications. Some can even bypass anti-cheat systems, giving them an edge over other players.

On the surface, this may seem like an issue limited to gaming developers and their consumers. However, the increase of cyber cheaters raises more awareness about similar vulnerabilities. Some of these are already present in many modern IT infrastructures. Do you work with security systems operating in a hybrid work environment spread across multiple personal devices and off-site hardware? You might face similar issues that game developers see when it comes to a lack of visibility and control.

What can IT experts working on security across multiple organizations learn from gaming?

Online Gaming to Win

Online multiplayer games are becoming more and more popular. In the face of this, game developers have struggled to keep up with the demand for new content. At the same time, they need to ensure that their games are fair and balanced for all players. Cheating has always been a problem in the world of gaming. As tech advances, so too do the methods used by cheaters.

A common way online gaming cheaters gain an advantage is by using software exploits. These are vulnerabilities within the code of a game that malicious players can exploit to gain an unfair advantage. Some may be simple bugs that allow players to move faster than intended. More sophisticated techniques let players see through walls or control other players’ characters.

While cheaters create some exploits on purpose to give themselves an edge, others are discovered by accident. In either case, game developers must act quickly to fix the exploit and release a patch to update the game code. However, as many gamers are aware, not all game developers release patches in a timely manner, or even at all. This can leave players open to exploitation for weeks or even months.

Online Gaming at Work

Online gamers can ‘beat the system’ by modifying gaming code stored on their local machines. Of course, this is out of the control of development teams. It’s not unlike how malicious actors can exploit vulnerabilities in a modern IT infrastructure.

Lack of visibility and direct control are the key. Developers can’t always control how gamers access and change gaming code. That’s the same struggle that many modern IT system admins face.

In addition, businesses are moving away from on-premises IT infrastructure models and towards hybrid workforces. They are opening themselves to new attack vectors more and more. In these hybrid environments, people use off-site hardware and personal devices to access company data and apps. This creates a complex network of access points that are difficult to monitor and secure.

Modern IT systems are also becoming less centralized, with data and apps spread across multiple on-premises and cloud-based servers. This creates gaps in visibility and control that attackers can exploit. Just as game developers must create a level playing field for all players, IT admins must work to secure data and apps across a decentralized network. That’s true regardless of where the data are located. But driving this type of initiative requires a shift in thinking. We have to accept that many security models are outdated.

Securing Data With Less Physical Control

The concept of zero trust security has been gaining traction in recent years to secure digital environments with less physical control. Zero trust is based on the principle that all users should be treated as untrusted entities regardless of their location or device. This means that instead of relying on perimeter-based models, you should focus on securing data and apps at the user level.

User identity and access management (IAM) is a critical component of zero trust security. It allows administrators to control at a granular level which users have access to which data and applications. In addition, IAM platforms let businesses quickly onboard and off-board employees, enforce multi-factor authentication and track user behavior.

Another effective way to secure digital environments is through micro-segmentation. This involves creating small, isolated security zones within a network. Segmenting the network in this way makes it much more difficult for attackers to move side to side and access sensitive data.

What else can you do outside of using zero trust security models and IAM platforms? There are several options:

  • Patching systems and apps often
  • Take care when monitoring systems and networks for intrusion
  • Training employees in cybersecurity best practices
  • Conducting regular risk assessments
  • Using comprehensive incident response plans.

By taking these proactive measures, businesses can make it more difficult for attackers to exploit vulnerabilities in their IT infrastructure and better protect themselves against the ever-evolving threat landscape.

Moving Forward

The trend of online gaming cheaters teaches us a great deal about the current state of cybersecurity. There is now a renewed sense of awareness when it comes to the dangers that decentralized networks can pose. In order for organizations to protect themselves, it’s essential that they adopt a more disciplined and proactive approach. By turning attention to the benefits of zero trust models, it’s possible to build an IT infrastructure that is much more resilient to modern-day attacks and reduces attack surfaces.

More from Risk Management

The Evolution of Antivirus Software to Face Modern Threats

Over the years, endpoint security has evolved from primitive antivirus software to more sophisticated next-generation platforms employing advanced technology and better endpoint detection and response.  Because of the increased threat that modern cyberattacks pose, experts are exploring more elegant ways of keeping data safe from threats.Signature-Based Antivirus SoftwareSignature-based detection is the use of footprints to identify malware. All programs, applications, software and files have a digital footprint. Buried within their code, these digital footprints or signatures are unique to the respective…

Contain Breaches and Gain Visibility With Microsegmentation

Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero trust security principles can be applied to curtail attacks across IT environments, minimizing business disruption proactively. Microsegmentation has emerged as a viable solution through its continuous visualization of workload and device communications…

How the Silk Road Affair Changed Law Enforcement

The Silk Road was the first modern dark web marketplace, an online place for anonymously buying and selling illegal products and services using Bitcoin. Ross Ulbricht created The Silk Road in 2011 and operated it until 2013 when the FBI shut it down. Its creator was eventually arrested and sentenced to life in prison. But in a plot twist right out of a spy novel, a cyber attacker stole thousands of bitcoins from Silk Road and hid them away. It…

Third-Party App Stores Could Be a Red Flag for iOS Security

Even Apple can’t escape change forever. The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to “sideload” software directly. Spurring the move is the European Union’s (EU) Digital Markets Act (DMA), which looks to ensure open markets by reducing the ability of digital “gatekeepers” to restrict content on devices. While this is good news for app creators and end-users, there is a potential red flag: security. Here’s what the compliance-driven change means for…