Connect with us
< All Topics
Print

Cyberattack

Cyberattack – Cyberattacks are malicious online operations, carried out by individuals or organizations, for various purposes, that may be economic, political, criminal, or personal, aiming to compromise the availability, integrity, or confidentiality of any information and/or information systems.

Types

Cyberattack can be of different kinds.

One of the most common attack in a “Distributed Denial of Service” (“DDoS”) which consists in overloading a website or a service so that it becomes unavailable or downgraded. The system is overwhelmed with a flood of traffic and requests. This type of attack is quite frequent in the sector of video games, for example, to cause lag in a competitor’s system, in order to gain an advantage over him or her.

Phishing attacks are also very frequent. This category of attack consists in obtaining credentials (e.g. login, passwords) in order to fraudulently access to a person’s or entity’s information or system. These attacks can take many forms, for example, the receipt of a malicious e-mail pretending to be legitimate, inviting the recipient to click on a link or open an attachment. In another example, the attacker pretends to be a trusted third party and invites the user to download malicious content. As a result, the attacker can take control of the hacked system or disable it, or even make use of the fraudulently obtained information.

In the gaming industry, this type of attack is also very usual. The attacker may, for example, offer free downloads of games or options that normally have to be paid for, or trick gamers into revealing their credit card numbers with a fraudulent sale purchase. The result can be a financial or in-game currency scam or the appropriation of player login credentials.

Advertisement

Another very common category of cyberattack is ransomware. Once installed, a malicious program reversibly disables the victim’s information system, all or part of the data can be encrypted. The attacker then sends a message to the victim, offering to provide a means of decrypting the victim’s data against payment of a ransom.

These attacks can have a critical impact, as data can be encrypted or made public, causing real damage to confidentiality, business and/or reputation. All kinds of companies can be affected.

Cyberattack and the gaming industry

The video game industry is a particularly important target for cyberattacks, for several reasons.

Firstly, because this field of activity takes place entirely in a digital environment, with a very large number of users involved, including young players who may not be particularly vigilant and are therefore vulnerable. In addition, the economic stakes can be extremely high in this activity sector.

On the legal side, generally speaking, cyberattacks have different aspects, and may involve for instance intellectual property rights infringement (e.g. fake websites used to obtain phishing information), and/or breach of personal data (e.g. player’s identification data). In many cases, depending on the applicable law, cyberattacks can constitute criminal offences.

Advertisement

There are a number of regulations, notably on the European level, aiming at regulating, fighting, and preventing cyberattacks, including in particular the NIS 2 Directive[1].

In practice, beyond legal resources, compliance with good IT practices (e.g.: control of message senders, vigilance when opening attachments, regular and systematic backups) can prevent such attacks or at least limit their impact.


[1] Directive (Eu) 2022/2555 Of The European Parliament And Of The CouncilOf 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive)

Author

  • Camille Raclet

    Camille Raclet is a French lawyer. She was admitted at the Paris Bar in 2015 and works in Paris since then. She is part of the IP/IT and Personal Data Team of law Firm ADVANT Altana, as a counsel. Camille Raclet practices, as an advisor and a litigator, intellectual property law (copyright, trademarks, patents and designs). She works on all digital-related issues, in particular information technology law (drafting and negotiation of contract, assistance in the course of IT and digital transformation projects and litigation). Camille Raclet has also been practicing data protection law for years, through all types of cases and notably intervenes in case of security breaches and deals with aspects related to cybersecurity. She works with French and international clients, in various sectors of activity. Camille has obtained the CIPP/E certification (Certified Information Privacy Professional / Europe). She is also a member of French association « APRAM » (Association of Trademark and Design Law Practitioners).

Advertisement
Table of Contents