In Plain Text: Exploiting Online Games

By Greg Hoglund and Gary McGraw; Reviewed by Ben Rothke, CISSP

Online games are, as the term implies, video games played over the Internet. Many of them have associated online communities that reach well beyond the closed world of traditional single-player home games. The most popular, World of Warcraft, boasts more than 10 million players worldwide.

While the world of online gaming is built to entertain, its creators and players fight the same IT threats as business-oriented networks. Today’s 12-year old who is hacking World of Warcraft simply to cheat at the game could, in a couple years, be targeting corporate networks to more nefarious ends.

While the game attackers’ goals are different, this book demonstrates the lengths to which they are willing to go to access a system. Those tactics are likely forerunners of software and network security challenges to come in other online arenas.

In Exploiting Online Games: Cheating Massively Distributed Systems, authors Greg Hoglund and Gary McGraw offer a look at those threats. The book’s 10 chapters provide a comprehensive overview of everything from game hacking 101 to reverse engineering.

The authors explain in depth why and how online games are a harbinger of software security issues to come, and manifest some that already exist. They describe how gamers have created billion-dollar virual econ-omies, how to build a bot to play a game for you, why players cheat, and even how game companies invade players’ personal privacy.

Most important, the authors describe  how game creators overcome a security issue only to have it defeated by the hackers. Sound familiar? This never ending “Spy vs. Spy” scenario is obviously frustrating to the game creators and underscores the critical importance of building effective application security into the fabric of the game.

Both Hoglund and McGraw have written extensively on the importance of software security. The sooner you and your software developers read their most recent book, the better off your software infrastructure will be. Your software is critical to your organization; protect it as well as the gamers do.

(Exploiting Online Games: Cheating Massively Distributed Systems. By Greg Hoglund and Gary McGraw; published by Addison-Wesley, (Web); 384 pages; $44.99.)

Reviewed by: Ben Rothke, CISSP (Certified Information Systems Security Professional), a New York-based senior security consultant.


Let's get it straight -

Let's get it straight - there are no 12 year olds hacking in to World of Warcraft. There are gamers who are vulnerable to phishing scams and secondary purchases that have fraud issues, but please don't fabricate fear to support your argument. If you're looking to point a finger at cheating look at how the wow power leveling service industry operates - that's more of a grey area with some actual debate potential.


The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.