Game Over?

Recent results from Sophos’s 40-day endpoint assessment test showed that 51% of endpoints tested had disabled client firewalls, and 15% had out-of-date or disabled endpoint security software.

Over the weekend as I installed a new game on my home PC I started wondering if gamers might in part be responsible for a proportion of statistics like this (obviously Sophos is primarily concerned with protecting business PCs, but I think it’s fair to assume that here and there you’ll find corporate environments where either Application Control isn’t enabled, where employees can game out of hours, or people take work laptops home and can’t resist a game or two etc.).

The game I was installing was EverQuest 2, and like lots of games of its kind it recommends that players disable their anti-virus software.

As both a gamer and a virus researcher I can understand both the reasoning and the danger behind this approach. A lot of the more popular PC games are hugely resource intensive, and the temptation is there to disable as much other stuff as possible to give the game a chance to run to its full potential. Anti-virus software is often one of the things users will sacrifice in an attempt to claw back system resources.

The key of course is to disable only NON-ESSENTIAL programs, and there’s absolutely no way anti-virus can be regarded as non-essential.

As if running without anti-virus protection wasn’t dangerous enough, gamers will then often go one step further and disable their firewall rather than go through the hassle of allowing the various required ports for certain games.

With no anti-virus and no firewall protection your machine is a total sitting duck for malware attacks. With the above in mind, gamers can make easy targets for malware authors, often playing online with totally unprotected machines.

In addition to this there’s also the wealth of malware out there that aims to steal game usernames and passwords, and consequently farm virtual resources into real world cash. Game password stealers are big business. Combine the two, and it’s Game Over.

The common sense approach is, of course, to keep your anti-virus software running, and not drop your firewall. Map your games’ required ports through your router and firewall, and close only non-essential applications if you need to maximise resources.

It goes without saying that the vast majority of gamers are sensible souls and know this already, but something somewhere is responsible for the number of unprotected machines out there, and this is just a theory of mine.