Another Gaming Security story. Cache Creek Casino Resort, in northern California, has been offline since late September due to what it calls a "systems infrastructure failure". Their computer systems were the target of an outside attack and that the incident is under investigation.
September seems to have been a pretty lousy month for the gaming sector. We responded to 17 gaming operators in difficulty. They experienced attacks ranging from denial of service through to breaches and ransomware demands.
"While our investigation is ongoing, we have confirmed the cause was an external attack on our computer network," the owners of the casino, said. "The privacy of our guests and employees is our highest priority, and we want to make certain they have some peace-of-mind."
Attacks like these are simple to prevent, and a pound of prevention equated to approximately 100 of cure. The trouble is the perception that sound systems security is just an 'IT' problem. Operators don't want to spend more budget on 'IT'. It is a sad pattern, but let us have a look at some correlating factors by reviewing the last 5 cases across our desks.
$20k Ransomware Attack
Security in Gaming has always been an arms race. The good guys forever trying to keep up. The ransomware attack was an interesting case. Not because of the attack in the first place, but because of what happened afterwards. The operator had failed to put in place suitable system backups, to the extent that they had no real viable backups. The restoration was near impossible. They paid the first ransom. A week later it happened again, and this time the ransom doubled.
The second random attack came from within the file containing the decryption code for the first attack. Seasoned security professionals would have seen it coming, but the overworked and tired IT team missed it. Everything decrypted, and they went about their business. A new backup solution was ordered and was due in two weeks. They lucked out.
DDoS Attacks x 4
I have dealt with DDoS (Distributed Denial of Service) attacks since 2000. They were common back then, and they have pretty much remained the same way. September saw responses to four gaming operators experiencing DDoS attacks. One of them had half of the protection needed and relied on a developer to configure it. The other three had all the security in place, but it was either disabled or poorly configured. Our consulting team can help you get these fixed.
Lessons to Learn
The lessons should be reasonably clear: