Focus on CasinoTrac: Maintaining security in a world of cyber threats

March 19, 2024 8:00 AM
  • Buck Wargo, CDC Gaming Reports
March 19, 2024 8:00 AM
  • Buck Wargo, CDC Gaming Reports

CasinoTrac systems by Table Trac, Inc. have withstood multiple ransomware attacks under the most dire circumstances during a time when the casino industry has come under increased attack for cybercrime, according to Chad Hoehne, president and CEO of Table Trac.

The CasinoTrac casino management system is known for delivering comprehensive insights ranging from accounting and revenue audits to rewards cards and promotions. The company is now driving an AI solution for problem gaming, money laundering and cybersecurity.

Hoehne spoke in February at a gaming industry conference on cybersecurity, and it continues to be a big topic for the company.

“We have taken a very serious approach to cybersecurity, and one of the things we’re proud of in our journey on cybersecurity is that our system has resisted ransomware attacks on more than five occasions in casinos where other systems were rendered useless during that period in time,” he said. “Their gaming floor and CasinoTrac system continued to operate 24/7 and their customers were never sent a letter that their personal information was breached.”

Hoehne said what’s helped CasinoTrac is its six-year business relationship with Tokyo-based Broadband Security Inc., which is listed first of the top 10 cybersecurity-focused service providers in Japan by Cybercrime Magazine.

“Looking back over those six years, that’s when Japanese integrated resorts were being contemplated, and they came over and analyzed the number of opportunities and became our distributor for the Japanese market,” Hoehne said. “They have a number of experts there that we talk to regularly about how to maintain our security stance.”

They have helped curtail cyberattacks and ransomware in the critical systems that is CasinoTrac – the host of the players club, accounting and revenue audit systems, operating the casino floor for players cards, cashless wagering, and ticketing.

“Another thing that helps us keep a high level of cybersecurity footing within our organization is our CFO Randy Gilbert. Years before joining our company he was also a Compliance and Sarbanes-Oxley Auditor with AC3 Compliance and regularly did security and cyber audits of other companies. He brings with us a wealth of familiarity of what other companies are doing in these areas and some things that have succeeded or not succeeded.”

Table Trac is taking the position that assumes the threats are already inside the firewall, Hoehne said. The advent of Windows client workstations that have some sort of a remote access or desktop sharing software systems helps enable that, he explained.

“The threat is no longer someone coming to the door and trying to get in,” he said. “The threat is really inside our building already. These machines make a connection out where the outside world can connect to it. Now, they are in and jump right over the firewall in most cases.”

This problem was spurred on by remote work during COVID and has extended on today as employees work at home some days of the week and connect in.

“In one example, they leave their computer at work turned on so that they can use their laptop at home and connect to it,” said Hoehne. “That PC from the outside world is inside of our network, and that’s where our problems can begin. The question is how can we build a system that can resist and repel these types of attacks in a critical work environment where we know half of the outside world is there.”

CasinoTrac uses COBOL, a programming language designed for mission-critical financial networks, governments, and business operations, on Linux servers, and provides the gaming industry’s most secure, unified, stable, and largely unattended casino management system.

Hoehne said the CasinoTrac platform’s security comes down to architecture and design of the system, utilizing components and technology that monitor the ability of other computers to transfer bytes on or off the server which can create a file that can later be used to activate a problem in the system.

“That means closing down things like shared drives because it makes for a vulnerability,” Hoehne said. “The importance of using APIs that are helpful in limiting exposure to having such a thing placed on a critical system.”

What happened with the cyberattack of MGM Resorts International and Caesars Entertainment last fall have heightened the awareness in the industry and brought a renewed attention to the issue.

“When that happened, it shook us, but this has been happening at places that are off the radar for years,” said Hoehne. “I’ve known casinos crippled for weeks due to a similar type of attack. It was some place where the world wasn’t watching.”

Table Trac will be at the Indian Gaming Tradeshow & Convention in April and showcase the system – and every visitor who comes through the booth will be asking about cybersecurity, noted Hoehne.

“That’s one of the first questions we get asked about the system when we are at shows,” he said.