Comment on The Insomniac Hack Reveals The Ugly Truth Of Video Game Hype - Aftermath
misanthropy@lemm.ee 10 months agoI’m too lazy to look into this specific one, but basically all “hacks” these days start with social engineering
Comment on The Insomniac Hack Reveals The Ugly Truth Of Video Game Hype - Aftermath
misanthropy@lemm.ee 10 months agoI’m too lazy to look into this specific one, but basically all “hacks” these days start with social engineering
vexikron@lemmy.zip 10 months ago
Yes, which can be avoided with the basic cybersecurity standard of teaching your employees how to not fall for that.
Literally not much more complicated than ‘dont give anyone your work login and password, If you think something is suspicious, report it to security and never, ever, EVER connect any of your work hardware or accounts to your personal hardware or accounts’.
MudMan@kbin.social 10 months ago
Heh. It's a LOT more complicated than that. Especially post-covid, with everybody ready to support working from home.
Hey, good luck getting hundreds to thousands of people, ranging from engineers to a bunch of kids doing QA to technically illiterate administrative positions and office workers to keep rigid, government-level security standards when each and every one of them has some degree of remote access and mostly are just... you know, going about their lives and going to work every day. You sound like you'd love doing IT for a game studio.
And hey, guess what, all of their work hardware and accounts are probably connected to their personal hardware and accounts. Or are, in fact, the same hardware and accounts. Nobody has time or money to equip every single employee with a second phone and laptop overnight and all of them had to work remotely during the pandemic, just as much as everybody else. It's kind of chilling to know that the games industry is under this level of harassment and these leaks keep happening, because I guarantee any other non-tech industry that has shifted to remote work the past few years is doing much worse at this. Gaming was already weirdly secretive, even when compared to movies and TV or other similar cultural industries.
For the record, games are full of open source software (and closed source as well). Go check out the list of OSS on any game's credits. They still have to comply by disclosures required by most licenses, so it'll be in there somewhere.
vexikron@lemmy.zip 10 months ago
Uh… I have managed and maintained cybersecurity policies for a non profit albeit not as head of IT but working in close cooperation with him as the team i was on was in charge of a huge system that nearly all employees and definitely all our clients used.
We successfully managed to not have any cybersecurity incidents while I was working there.
We gave everyone work phones and work laptops because that is how you do cybersecurity right.
And uh, no, if youre going by companies specifically being targeted and compromised by hackers, as opposed to hackers going for anything connected to a widely used software service, uh, gaming companies are actually doing far worse than other industries, likely due in large part to incompetent management.
Sure, yep, its chilling that employees at video game companies are at risk because their management is incompetent.
No clue what you mean by ‘gaming was always weirdly secretive when compared to movies and music.’ Music and movies are even easier to pirate than video games which have to be cracked… Not sure what youre talking about here.
And oh dear god here at the end youre going to ‘for the record’ inform me, a person who has written code for game mods for 20 years and professionally for various roles in the tech industry for a decade that games have open source and closed source code in them.
Thats not even relevant to how a whole company’s network gets breached and its employees get basically doxxed.
The… the video game company’s internal software for managing employee records, clock ins, clock outs, wage payment, emails, etc, is different from the software it uses in its product, the game.
It doesnt matter if a game has OpenGL and a bit of a liscensed proprietary physics engines.
Thats not connected to the company email server.
Why do you have such an arrogant attitude when you have no idea what you are talking about?
MudMan@kbin.social 10 months ago
Honestly, my response to everything you said is on my first post. Including the "you'd love doing IT for a game studio" part.