Tuesday February 9, 2021 brought surprising and disappointing news for CD Projekt Red; he announced that he was the victim of a targeted cyberattack and that he was being held for ransom. It is still unclear who hacked into the company or why. However, cyber attacks are nothing new. The effects are devastating for gaming companies, costing them thousands of dollars and causing huge disruption to their services. We are going to take a look at some of the most notorious cyber attacks in the history of online gaming and discuss some of the notorious black hat hacker groups behind them.
A little journey through history
The first ever recorded cyberattack took place on November 2, 1988. It was called the Morris worm and was led by American computer scientist, now a professor at MIT, Robert Tapan Morris. He created the worm because he was "just trying to measure the size of the Internet." Well, that curiosity landed him in jail, after he became the first person to be sentenced under the United States Computer Fraud and Abuse Act of 1986. You could say that the attack was a comedy of errors, since Morris he never wanted the worm to get as far as it did. He didn't have bad intentions; he was just trying to highlight security weaknesses. The worm was supposed to go undetected, but instead grew at an alarming rate and caused extensive damage, costing between €100.000 and €10 million to remove. Morris was fined €10,050, 3 years probation and had to do 400 hours of community service, a fairly light sentence considering. The worm was supposed to go undetected, but instead it grew at an alarming rate and caused extensive damage. Since then, there have been many cyber attacks, targeting different companies, governments and other platforms. But when it comes to video games, the most common attack is DDOSing or distributed denial of service. Although DDOSing is a type of cyber attack, it is not hacking.Notable victims of cyber attacks
Some of the biggest online gaming platforms have been the victims of these attacks; let's take a look at it.Riot Games
Riot Games, the company behind popular online titles like League of Legends and Valorant, has been hacked and DDoSed multiple times over the years. The first major League of Legends hack was carried out in 2012 by Lulzsec, a black hat hacking group responsible for multiple cyberattacks on numerous online services, including those of government organizations. A black hat hacking group is a group that breaks computer security for selfish and malicious reasons, as opposed to white hat hacking groups which are motivated by ethical groups and often aim to counter black hat groups. The League community discovered that their personal information had been compromised following a statement by Marc "Tryndamere" Merril, Co-Founder and Co-Chairman of Riot Games via the LoL forum on June 9, 2012. To this day, Riot has never has confirmed when the attacks took place. This would see the start of a series of cyber attacks against the gaming company.BOMBS AWAY! DESTINATION: Eastern League of Legends Hookup Server! (SCHEDULED THIS TIME) December 30, 2013 They weren't the only hacking group to attack League servers. The following year, on August 18, 2014, another group, Lizard Squad, also carried out a DDoS attack on LoL servers. The most recent attack on Riot took place on January 16 and 17 of this year only. The attack was aimed at Riot's competitive LoL team tournament mode, Clash.
📢 Due to unresolved network issues in all queues, the rest of the Clash games of the day will be canceled and tickets will be refunded. January 17, 2021 This prompted an official statement in the form of a Twitter thread posted by Brian Bossé, technical manager at Riot Games.
Hello everyone, no tweeting in a long time. I am the technical director of League, and I would like to shed some light on the instability of the League in Europe recently. (1/7) January 21, 2021 Probably not the last attack Riot has faced, but it does give you an idea of some of the ones they've faced so far.
Capcom
Late last year, Capcom fell victim to a targeted cyber ransomware attack. The creators of Street Fighter were slow to reveal its magnitude, announcing on November 4, 2020, only that an attack had occurred. On November 12, it announced that the stolen data belonged to nine former and current employees and that corporate data had also been stolen. It wasn't until November 16, 2020 that Capcom revealed that the attack was far worse than previously thought, with the personal information of 350.000 "(customers, business partners, etc.)" compromised. During the release, he detailed the potential data breaches that occurred, along with a timeline of events and the plans they had to address them. The company also revealed that a ransom demand had been made and shared the name of the group behind the attack. "The company discovered a message from a criminal organization calling itself Ragnar Locker, and after making sure that a ransom was demanded, they contacted the Osaka Prefectural Police." Capcom explained why it took so long to understand the scope of the attack, saying, "Investigation, analysis, etc. of this incident took longer due to issues such as data backup on servers being encrypted and logs access logs are removed during the attack." In March 2020 alone, Blizzard suffered four DDoS attacks in less than a weekActivision Blizzard
Activision Blizzard has suffered multiple DDoS attacks against its Battle.net client and game servers. From February to September 2010, Blizzard's European World of Warcraft server was targeted by Calin Mateias, 38, from Romania for various DDoS attacks. He was then jailed for a year on May 7, 2018. Blizzard was also one of many online gaming platforms targeted by Derp Trolling in 2014 and Lizard Squad on April 13, 2016. Battle.net was attacked, denying users players access to their popular titles like Starcraft 2, World of Warcraft, Diablo 3 and Hearthstone. . But more recently, Blizzard has faced a large number of DDoS attacks, with UK Drillas taking responsibility for an attack on WoW Classic servers in September 2019. In March 2020 alone, Blizzard suffered four DDoS attacks in less than a week, although some players believed the outage was due to a higher than usual number of players accessing their servers after the imposed government shutdown due to Covid-19. On January 7, 2021, Blizzard was hit by another DDoS attack on its Warcraft servers.We are currently experiencing a DDoS attack, which may result in high latency and disconnections for some players. We are actively working to alleviate this problem. January 7, 2021
CD Projekt Red
This brings us to CD Projekt Red. On February 9, 2021, it announced that a cyberattack had been carried out on its internal network. The responsible hacker claimed to have stolen the source code for "Cyberpunk 2077, Witcher3, Gwent and the unreleased version of Witcher 3". They went on to say that "we have abandoned all documents related to accounting, administration, legal, human resources, investor relations and more! Claiming to have encrypted all of CD Projekt Red's servers, but acknowledging that they knew the servers could be easily recovered by making copies of security. The company that came under immense pressure due to reported issues with its release of Cyberpunk 2077 no longer needed bad news. The hacker held the stolen data for ransom, giving CDPR 48 hours to agree to their demands. CDPR refused and, as promised, the hacker auctioned off the data on the dark web.It is unclear who the buyer is or what he plans to do with the data, which cost €7 million with an agreement that no further sales or distribution were allowed. .Just in: #CDProjektRed THE AUCTION IS CLOSED. #Hackers has auctioned off the stolen source code for the #RedEngine and #CDPR versions of the game, and has just announced that a satisfactory offer has been received from outside the forum, on the condition that they no longer distribute or sell. pic.twitter.com/4Z2zoZlkV6 February 11, 2021 So far, no group or individual has claimed credit for the attack.