Securing the Future of Esports

Know when to co-operate and when to compete

This is an area in which stakeholders from across the sector need to co-operate - securing specific events and their reputation should not be a competitive sport. If one event slips up, the broader reputation of esports suffers.

Event organizers and teams should be working together to protect their young industry from bad actors by sharing best practice and technical solutions that prove to be effective. That would remove the need for every event organizer and team to reinvent the wheel, while reducing the risk of breaches and attacks across the sector. Some of the bigger events in the Netherlands are now collaborating on security, indicating the industry is pursuing this broader agenda.

One of the most effective ways to fend off DDOS attacks is to work with an Internet service provider to employ really fat fibre-optic pipes with enough bandwidth to enable you to absorb both the legitimate traffic and the malicious traffic. With an inspection system in place, the latter can be identified and filtered out, ensuring the esports event goes ahead uninterrupted.

Here in the Netherlands, there are organizations that can provide six gigabit per second Internet connections inboth directions, which is fast enough to enable cloud-based services to “scrub off” any DDOS traffic in real-time.

An inspection system can also be used to warn participants in an esports competition that their machines are communicating to an IP address, or sending out traffic, that is known to be malicious. That could indicate they have been infiltrated by a botnet. However, such monitoring practices may raise privacy concerns, so would need to be agreed with the participants in advance of the event. 

Always-on protection of players’ equipment

In any case, esports teams themselves need to have robust processes in place to ensure players’ computers are continuously protected. Having malware on your system while you're playing a fast-paced game could slow down your machine’s responsiveness – even a few milliseconds lag could cost a player dear in a competition. 

Although the bigger esports teams provide hardware to their players, smaller teams will have members playing at home using their own hardware connected to their own internet connection, raising the security risks. In effect, a team needs to take the same approach as the IT function of a large business, insisting staff follow security protocols and processes while working from home. 

Today, Dutch law prohibits people from gambling on the outcome of esports competitions. However, there are some calls to remove these restrictions. If that happens, there will be a stronger motivation for bad actors to disrupt esports events, changing the threat landscape and further increasing the risk for events organizers and participating teams. 

Security breaches or no security breaches, there is always the risk that an Internet connection will fail at a critical moment.  In case that happens, tournament organisers need a plan B. There was a time when an esports competition could switch to a local network, if its Internet connection faltered. That would be unthinkable now – the scale and complexity of these events mean players generally need to be connected to powerful data centres in the public cloud. An alternative approach would be to install a data centre on site at the venue, but that is a very expensive proposition and the owner of the game franchise is unlikely to want to put their intellectual property in a place where it could be hacked.

In summary, the burgeoning esports industry can’t afford to play it fast and loose. The sector needs to invest in secure infrastructure, as if its future depended on it, because it does. Disruption to events and teams will undermine credibility, prompting sponsors and spectators to go elsewhere. 

Next steps

Please feel free / get in touch with us to discuss the arising opportunities within the esports ecosystem.