6 min readMar 29, 2021


Unfortunately, cyberattacks are becoming all too common. While almost everyone has had their data breached at some point, for game developers and publishers, the impact is particularly pronounced as the popularity of video games provides a ripe target.

Just last month, CD Projekt Red was blackmailed after having its data stolen in a cyber attack, and in 2020, Capcom was breached and that resulted in more than 350,000 player’s personal data being stolen. Akamai has recently issued a report that specifically calls out the cyberthreat trends in the video game industry. From July 2018 through June 2020, Akamai identified more than 100 billion credential stuffing attacks, with 12 billion of them aimed at the gaming sector. Attackers have been focusing their efforts towards video game developers and publishers through credential stuffing and phishing attacks, according to the report.

Part of the upward trend in targeting video games is simply because game developers aren’t heeding the need for security, and players don’t seem to care. It makes for a bad combination. According to the Akamai report, 55% of”frequent players” were aware that their accounts had been compromised at some point. However, among those, only 20% said they were “worried” or “very worried” about it. Clearly, this is fertile ground for bad actors.

The infamous bank robber, Willie Sutton, was once asked, “Why do you rob banks?” His reply…”Cuz that’s where the money is.” Similar thinking is clearly being applied by cyberattackers when seeking the data-rich video game market. Depending on who’s numbers you believe, video games are a $100 billion to $200 billion market, with players of all ages, all over the world. It has all the makings of a rich cyberattack minefield, which includes:

Market speed: this market is moving fast and is hypercompetitive. Games are being developed at lightning fast to get to market and start getting players. Things are going to be missed along the way, including security. Security can take time to build into a game, but when the goal is output, sometimes security is moved down on the priority list.

Changing skill-set: the universe of games is incredibly dynamic and diverse, and we’re all benefiting from that. This is partly due to the fact that development tools allow people with varying degrees of skill build great games. Some who are more design-focused can employ functionality through robust game development platforms. Others who can code might partner with writers, designers, and other creatives to build awesome narrative-based games. As skills become dispersed and technology is democratized, the goal becomes output. Output can be based on functionality, look and feel, and experience, which is great for players. But here again, security can be sacrificed when there is no one directly responsible for handling it.

Infrastructure complexity: the simple fact is, game developers want to build games. Building, configuring, and managing servers just takes them away from the things they’re good at, and it ends up giving them a never-ending j-o-b. You ever seen what happens when a server goes down? Unless there’s a server admin available to deal with it, it’s a lot of sweating and down time. It’s not fun.

Data is treated like a commodity: at the end of the day, every game is a feedback loop, rich with data. For developers and publishers, this data can give them the precise insights they need to build better features into their games that will increase playtime and monetization. But too few stop to consider that that data can do two things. It can:

Make them wildly successful: the best games are built and improved upon with actual data derived from actual games. Developers can see what players like, where they drop off, where they engage other players, and a host of other key data points that helps them deliver to players the things they want. That increases playtime and virality, two of the most critical ingredients to game success.

Kill them: if data isn’t protected, games get hacked, players data is exposed, and the game dies a fast death.

So here we have an environment that is producing great games — and a lot of them — but they are not being created with the necessary safety requirements to protect user data. It may not seem like it’s harming the market much, but ask any game developer whose game data has been stolen or ransomed. It’s a long time before she or he rebuilds credibility with discerning players.

But as the above points indicate, game developers want to build games, not manage servers. They also want data, but they don’t want the burden of protecting it. Well, we solved for this and it’s manifested in the form of GamerGraph, which is a cloud-based game analytics platform that actually accelerates the development process rather than hindering it.

Let’s take a look at the points above, the points which explain why game data is vulnerable, and look at how a cloud-based service like GamerGraph changes the dynamic:

Make market speed an ally: we want you to move fast, which is why we don’t require developers to do any custom integration or development work. With an API, or Unreal or Unity plugins, devs simply connect their game to our cloud environment and begin seeing data immediately. So actually, we’re helping accelerate development, because as soon as a developer has game and player data, she can immediately begin improving the game. AND, we operate according to most standard compliance frameworks like GDPR and CCPA, so not only is data compliant, but it also adheres to the security checks and requirements in those frameworks.

  • Stick with your core skills; we’ll do the rest: does anyone want to configure a server? Not if one doesn’t really have to. Owning and managing servers is simply unnecessary, especially when the cloud offers to do the heavy lifting, and GamerGraph performs all the management of server functionality and performance. So for those developers and designers we talk to who start to sweat when the word “server” comes up, there’s a much, much better way. They don’t need to learn anything about servers or server security, nor do they need to hire admins or SecOps teams. GamerGraph owns and runs the powerful operations that deliver the analytics that can make their games better.
  • Simplify to increase security: let’s be clear; you’re basically outsourcing your game operations backend when you partner with a platform like GamerGraph. This alone reduces — and even eliminates, to some degree — any complexity that is currently slowing down studios and publishers who are waiting while security teams analyze vulnerabilities and threats. In fact, the GamerGraph platform abides by strict cloud-based security protocols which enable us to identify and isolate issues before they can access or do any significant damage to your game data and that of your users.
  • Data protection is the top priority: data may be a commodity, but it still needs to be protected. There has to be a SecOps function that treats data like the most valuable aspect of your game, because that’s precisely what it is. As we saw above, data can make a game hugely successful, or it can kill it. GamerGraph provides the infrastructure to prevent it from being killed.

Developers can get the benefit of comprehensive security when they use a cloud service like GamerGraph to run their gameOps. GamerGraph manages compliance controls for all major frameworks, and provides continuous security monitoring. Game developers can therefore focus on building great games, not configuring servers and managing SecOps.

Try GamerGraph for free to see how security of your game and players can give you a competitive advantage.

Photo by Scott Webb on Unsplash




Continuous game insights for continuous game improvement.