A lot of people still see the internet as a bit of a Wild West - a semi-civilised frontier where you can do or say pretty much under the cover of anonymity. A bit like the western outlaw, the idea of the hacker has ridden the wave of pop culture for a long time. From Matthew Broderick in WarGames, to Neo in The Matrix, all the way through to your bespoke character in a Fallout game - where hacking terminals can bring a hostile environment under your control - we tend to root for the plucky vagabond.
So you face a bit of an image problem if, like me, you work for the National Cyber Crime Unit (NCCU), a department of the National Crime Agency, with a responsibility for protecting the UK from cyber criminals. We’re not expecting the big studios to make a game any time soon, but every day we’re working to prevent people from being exposed to the world of cyber-crime - whether as victim or perpetrator.
So where do videogames and cyber-crime intersect?
Over the last few years, we’ve been interviewing convicted cyber-criminals and people handed Cease and Desist orders for activities teetering on the edge of cybercrime (where possible we believe in prevention and intervention of crime rather than prosecution). Through these, we’ve learnt that cybercrime often starts off in places as innocent as modding communities and gaming forums, where small minorities of skilled - usually teenage - gamers get together in search of online kicks that they may or may not know are illegal.
The most common types of cyber-crime are Distributed Denial of Service (DDoS) attacks, takeovers and cracking. A lot of the young people we interviewed said that they didn’t carry out these attacks for financial gain, but treated it like a victimless crime - a high-stakes game where they could earn some kudos among their online peers, and show off their coding mettle.
The problem is that there are victims, and it is a crime. Those attacks I mentioned above are punishable by criminal records and prison sentences under the Computer Misuse Act. You may not have heard of this until now, but if you’re someone who enjoys dabbling in coding, computer security and white-hat hacking, you should take it on yourself to read this condensed version of the Computer Misuse Act that we’ve written up. There’s probably a lot more to online law than you think, and if you want to stay on the right side of the law, then it’s pretty handy to know what that law actually is.
Besides, if you are a tech-savvy gamer or coding prodigy, then why would you want to waste your talent and time hacking Steam s when you could put your skills towards cracking challenges that could ultimately lead to a really well paid job? Like ethical hacking competitions, cyber security or, best of all, making videogames.
How to protect yourself from cybercrime
* The best way to protect your gaming is with some regular tradecraft. Use three random words to create a strong, separate for each of your s, numbers and symbols can be added for extra security if needed For example 3redhousemonkeys27
* Use a manager to store a vast repository of secure, randomly generated s (which you can easily sync across devices).
* If a game service or website offers two-factor authentication (2FA or MFA), use it. That way, any time someone tries to access your from an unfamiliar browser or IP, a verification code will be sent to your phone or email address. This should ensure that only you can to that and notify you if an outsider is trying to get in.
If you think you’ve been targeted by cybercrime:
If you think you’ve been targeted by cybercrime:
If you suspect that your site has been hit by a DDoS attack, or that someone is accessing your without consent, you should report it via the Action Fraud Website. This site does not carry out investigations itself, but acts as a gateway, directing your report to the most appropriate law enforcement agency.
If you are a business, charity or other organisation which is currently suffering a live cyber attack (in progress), call 0300 123 2040 immediately.
If you have a payment card linked to a gaming you suspect has been breached, call your card issuer as soon as possible, also keep an eye on your statements for suspicious transactions.
Hopefully this article makes the internet and the laws surrounding it a little clearer for you. We’ll be at EGX later this year, so if you want to come over and say ‘hi’, or challenge us to a game, we’ll be waiting!
Stay safe online, and happy gaming from the NCCU.
