Casino industry remains vulnerable to more cyber attacks

February 7, 2024 3:28 PM
Photo: WGPC
  • Buck Wargo, CDC Gaming Reports
February 7, 2024 3:28 PM

Overconfidence and a false sense of security rendered Las Vegas and the casino industry vulnerable to cyberattacks last fall and, according to a cybersecurity expert, hackers are ready to pounce again if operators drop their guard. Dan Lohrmann, who led Michigan’s cybersecurity teams and has advised the White House, the Department of Homeland Security and National Governors Association, will be participating in the World Game Protection Conference later this month.

Story continues below

This year’s WGP Conference will take place Feb. 27-29 at the Tropicana Las Vegas brings together casino surveillance and security executives from around the world. An added element this year will focus on cybersecurity in the wake of the September attack on MGM Resorts International. The attack impacted slot machines, ATMs, and computer systems at MGM properties around the country and hackers obtained Social Security and passport numbers.

Caesars Entertainment also reported a cyberattack, but avoided any major issues after reportedly paying millions in ransomware. MGM said it paid nothing.

Lohrmann will host “Cyber Mayday and the Day After,” also the title of his book. He’ll discuss the state of ransomware, managing cyber emergencies, the causes for the increase in attacks, what action government leaders and executives can take before, during, and after an attack, and key lessons learned over recent years.
“Can you 100% promise you’ll never get hit by ransomware? No. But the takeaway is that you can take steps to dramatically reduce the likelihood of a breach and ransomware attack,” said Lohrmann.

“Everybody (in the casino-security world) wants to talk about the two big hits in 2023,” Lohrmann said. “It’s hit every industry from banks to the U.S. Defense Department, government agencies, schools, and universities. Am I surprised they got hit? No. It’s happening across the board.

Lohrmann said MGM and Caesars believed they were prepared for cyberattacks, but clearly they weren’t. They provided “a wakeup call” for the gaming industry globally.

“I’m sure they had good programs and good teams, but in many of the stories I’m going to tell from the front, people are overconfident. Big financial institutions think it can’t happen to them, but it did. I’ve interviewed hundreds of companies around the world that have been hit and they all thought they were ready and made excuses after the fact.”

Lohrmann warned the casino industry against dropping their guard and thinking they won’t be hit again if they’ve already faced a cyberattack. Like banks, casinos have millions of dollars that criminal organizations want to target.

“They’re coming back, no question,” Lohrmann said. “It’s happening across the board. Companies have been hit, ransoms were paid, people didn’t make any changes, and hackers were back two weeks later and did the same thing. Just because you got out of a situation with good systems or paid the ransom, if you don’t learn from that and make changes, you will get hit again. It may not be the same people or organized criminals that come after you, but it puts a target on your back, and other groups will take that as an opportunity. The other casinos need to learn the lessons from the ones that went through this and learn from the wider global financial-services industry that have targets on their backs.”

In continuing on the cyber theme, Christopher Hadnagy, founder and CEO of Social-Engineer LLC, will talk about the growing threat of social engineering as a means of swindling businesses and organizations.

“Ransomware groups have learned that social engineering is the easiest way to get people to comply,” Hadnagy said. “They do OSINT, open-source intelligence. They did that on the tech person at MGM. They called tech support and reset his account, because they had all his information to answer security questions. Once they were in his account, they installed ransomware, which went through the whole network and shut everything down. At the end of the day, the human that gets tricked into doing these things ends up being the biggest problem.”

Last spring and summer, scammers in Nevada and across the country convinced casino cashiers to hand over hundreds of thousands of dollars in cash. In the case of Circa Las Vegas, a scammer posed as a casino co-owner, phoned the cage, and asked a supervisor for cash, leading to the theft of $1 million. An arrest was later made in the case.

“AI has advanced so much and so fast that we’re seeing this with deep fakes, like what happened with Taylor Swift (nude) videos and with voices. They can clone someone’s voice with only three seconds of audio. They can create very convincing AI doppelgangers. We’re seeing AI used a lot as an attack platform. It’s a scary time for every business, but anyone who has large amounts of money with millions and billions of dollars, these networks are targeting you.”