Its different from game to game. Lots of games require a user to login and a server to play on, that means the servers can validate if the user is valid and has spend money to buy the game.

So many MMORPGs dont realy need traditional DRM protection, you can download the clients or launchers for these games for free in most cases.

Games that dont have that(single player offline games mostly) are more complicated. Games can try to encrypt their game files or many other things to make it more complicated for someone to copy them, but findamentaly if you controll your computer you can obserce that and revert whatever they did to prevent the copy.

This is why most games opt for some kind of login server. Even lots of singleplayer games have launchers and users and logins just for that reason.

Evidently they don’t really work.

There are some tools that pirates use to crack games that game devs actually know about, and can create detection algorithms for, but pirates also know about these algorithms enough to make them inert. Game devs can’t really develop a game that will entirely block it from being cracked, it’s just not possible as long as the game allows for a local install. The moment cloud gaming becomes a thing, pirating games will become infinitely harder and more complex, and mostly stick to older titles.

PC and consoles have very different approaches.

On consoles, the platform security depends on the closed nature of the platform. The discs are custom made and cannot be copied correctly or even read by PC drives. The console checks the discs for authenticity.

Digital console games all have there executables signed by the platform provider and contains a license encrypted only to the particular security processor in each console. Only that console can decrypt, verify the keys and decrypt the actual game package to be able to run it.

Making sure the console always boots from genuine console software so it’s not possible to bypass any of the checks, or dumping out keys and decrypted game packages is the core of console security.

On PCs it’s a different story. PCs are open platforms so anything has to have an unencrypted piece of code to start from even if the rest of the content is encrypted, meaning they eventually get dumped unencrypted and modified to skip checks, instead the game publishers choose to obfuscate the executable as much as possible using tools like Denuvo, making it harder to find where the checks are and patch them out.

This only need to buy enough time for most of the game sales to take place. After which the publishers usually release de-obfuscated version of the game because obfuscation slows things down. That’s what you see as publishers releasing DRM-free patches.