The ransomware hack used to extort game developers explained

A recent ransomware attack targeting a video game publishing giant is the perfect opportunity to explain how such attacks work.

Ransomware is a type of cyber attack through which the assailants steal valuable information and threaten to release it. After gaining access to desired information, the info is typically ransomed for money. If the company refuses to pay, the hackers can release the information to business competitors, government agencies, or the general public. This is a very serious crime can result in huge payouts for the offenders if they get away with it, or even bigger punishments if they get caught. But that threat doesn’t stop the targeting of video game companies.

Ransomware is usually a complicated process, so it is often undertaken by a group of people. Once they find their target, hackers can use a variety of techniques to gain access to a company’s digital information. These gangs can use phishing scams, insecure communication channels, or even an inside agent to gain the needed access. From there, they often both download all of the stolen information while also encrypting the copies of that information that the company owns. Then the hackers are the only ones with access to the information in question.

Video game companies are a prime target for hackers because almost all developer assets are digital. By encrypting information, ransomware hackers can hold entire games hostage during their development. Video games are also a lucrative business, so big developers and publishers have the money to pay large ransoms.

The ransomware attack on Bandai Namco explained

To truly understand how a ransomware attack affects a gaming company, the recent case with Bandai Namco is the perfect example.

Based on somewhat verifiable information, the group targeting Bandai Namco appears to go by the names ALPHV and BlackCat. The group used special software to somehow gain access to Bandai Namco’s secure information. The group claimed access for a few days before Bandai Namco confirmed the attack on July 13, 2022.

ALPHV ransomware group (alternatively referred to as BlackCat ransomware group) claims to have ransomed Bandai Namco.

Bandai Namco is an international video game publisher. Bandai Namco video game franchises include Ace Combat, Dark Souls, Dragon Ball*, Soulcaliber, and more. pic.twitter.com/hxZ6N2kSxl

— vx-underground (@vxunderground) July 11, 2022

The exact specifications of the leak are not yet know, as the video game publisher doesn’t want any more information to potentially leak out. If Bandai Namco doesn’t manage to reach an agreement with the hackers or get law enforcement successfully involved, there could be two major consequences.

The first is that all of Bandai Namco’s existing digital assets are destroyed with no way to easily recover them. This could badly affect the company’s current business, making it very difficult for Bandai Namco in the near future. Alternatively, ALPHV could release all of the company’s information to the public without destroying it. This is probably the less dramatic result, but would still be a massive disappointment and headache for Bandai Namco.

Since it can be difficult to find authentic information about ransomware attacks, companies affected by them tend to attract fake leak rumors. This was true for the Bandai Namco ransomware attack as well, though we explained why the supposedly leaked Dragon Ball release timeline and Elden Ring DLC are almost certainly fakes.