Cyber Attack Campaign Targets Gambling and Gaming Companies, Israeli Cybersecurity Firm Warns

NICG Highlights the Significance of Correct Cybersecurity Measures in Tribal Casinos within the Wake of Latest Cyberattacks —

The Nationwide Indian Gaming Fee (NIGC) highlighted how essential it was to undertake superior expertise geared toward defending customers from cyber threats.

At a time when quite a lot of cyberattacks have targetted main business casinos within the US, the NIGC has praised tribal-owned properties, together with in New York the place there are at the moment seven tribal casinos, for the intensive cybersecurity measures they characteristic. The federal regulatory physique drew parallels to medieval fort defenses and highlighted its “Protection in Depth” technique which applies to a number of layers of protecting mechanisms geared toward defending info, information, and knowledge programs.

Just lately, the Nationwide Indian Gaming Fee issued an announcement saying that cybersecurity assaults have turn into more and more prevalent throughout varied organizations within the nation, no matter their dimension, and haven’t proven any indicators of lower.

In response to the regulatory physique, firms ought to make certain they make use of a complete cybersecurity method to forestall such breaches and considerably cut back the potential vulnerability of their IT programs. The Fee additional defined that the discrepancy in cybersecurity outcomes will be attributed to the three-pronged method of its members, which incorporates administrative controls, technical controls, and bodily controls.

Aside from that, in its assertion, the NIGC supplied extra details about the cybersecurity methods employed by the group’s member casinos and highlighted the utilization of {hardware} firewalls, antivirus software program, authentication controls, {hardware} firewalls, and so-called MFA, or multi-factor authentication.

MGM Resorts and Caesars Leisure Hit by Scattered Spider Group’s Cyberattacks

Sadly, though its “Protection in Depth” safety structure has been fairly efficient, the Nationwide Indian Gaming Fee acknowledged that it’s unable to totally eradicate the danger of cyberattacks. As defined by the physique, such deceitful strategies don’t depend upon software program safeguards alone but additionally require firms to implement and observe strong protecting insurance policies.

As CasinoGamesPro reported earlier this month, two of the biggest playing and on line casino operators – MGM Resorts and Caesars Leisure – grew to become topic to hackers in August 2023. In each circumstances, the hacker assaults resulted in important disruptions to the 2 firms’ operations.

One New York on line casino owned by MGM Resorts Worldwide fell sufferer to the assault, which was attributed to the Scattered Spider felony group at a later stage. In response to estimates supplied by David Katz, a gaming trade analyst at Jefferies Group, the cyberattack towards the playing and hospitality group has value the corporate income value greater than $8 million per day.

Reportedly, one other on line casino and playing large – Caesars Leisure – additionally paid thousands and thousands of {dollars} to hackers following a malicious cyberattack that will have been related to the same incident at MGM Resorts. The assault was additionally attributed to the UNC 3944 group, also called the Scattered Spider. The hackers focused Caesars Leisure’s confidential information, with the assault finally inflicting a decline within the firm’s inventory costs.

What makes the circumstances of MGM Resorts and Caesars Leisure very a lot alike is the truth that hackers managed to use some vulnerabilities in each firms’ programs within the type of social engineering. As CasinoGamesPro reported, the Scattered Spider group deceived employees members from the IT Assist Desk by way of telephone calls after which used VoIP expertise to pose as assist workers and get their passwords.

Author: Donald Price