DECEMBER 13, 2013
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
Blurring Boundaries: Security Predictions for 2014 and Beyond

Security for Home Users
The Online Gaming Console: Box of Entertainment or Box-Shaped Threat?

Security for Business
Zero-Day Exploit Affects Older Versions of Windows

Security for Home Users

The Online Gaming Console: Box of Entertainment or Box-Shaped Threat?

Anything that’s Internet-connected presents risks.”

Online gaming, especially console gaming, is huge right now; so big that IDC believes that come 2017, 165 million gamers will play with others despite distances. Current-generation consoles are also sporting features that benefit every user. But is this trend something we need to be concerned about in terms of security?

Service or Surveillance?

One of Microsoft™ Xbox® One’s biggest selling points is its Kinect® 2 camera, which boasts of being much more sensitive than its predecessor, allowing for better no-controller interactivity with the console. It can also identify players through face and speech recognition and follow both vocal and gesture commands. It would always be turned on even if the console is turned off to see and listen to commands.

While this feature can certainly allow much more interactive gameplay, you should consider the potential risks of having a camera that’s “always on,” too. The fact that Kinect 2 constantly listens to commands even when the console’s turned off can pose privacy risks because it may record even private conversations.

Internet Connectivity or Information Collectability?

Anything thats’s Internet-connected presents risks. Desktops, laptops, and mobile phones are all vulnerable. And as gaming consoles more and more become Internet-connected than before, they’re sure to become bigger targets.

In 2011, more than 70 million Sony PlayStation® Network accounts were stolen in a highly publicized data breach incident. Club Nintendo and the Konami ID portal also suffered from their share of attempted unauthorized log-ins.

Why would attackers go after online gaming consoles? The answer is quite simple–—bankable information. With online gaming come online transactions. Console owners can buy digital content, ranging from add-ons to full game versions, via their consoles. Doing so usually involves credit card use or getting the services of vendors like PayPal and, of course, revealing personal information.

Bad guys also directly collect information by contacting potential victims via in-game chats while masquerading as players. Real money trading (RMT) or the exchange of real money for virtual items between players is common. Shrewd cybercriminals can try to scam you by asking not only for cash but also personal information like your email address, home address, or contact number via chat. And as we all know by now, information theft is usually followed by fraud and identity theft.

Is It Worth It?

Console gaming offers hours upon hours of entertainment; online connectivity makes it better because you can also show others just how much fun you’re having while playing. But the risks consoles pose to privacy can’t be denied.

You should be aware of these risks and make sure you don’t become a victim. Turning your Microsoft Xbox One completely off when not in use can help. Using prepaid point cards for microtransactions rather than your PayPal account or a credit card also helps.

To see the bigger picture when it comes to online console gaming security, take a look at “Ahead of the Game.”

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.