For casino-system producers, cybersecurity is at the forefront and their approach to ransomware attacks against tribal and commercial casinos has evolved with their partners.
The topic was broached at the TribalNet Conference & Tradeshow last week in Reno. Moderator Patrick Tinklenberg, vice president of IT at Sycuan Casino in San Diego, said it’s on top of mind for casinos.
“We want to make sure we’re protecting the core system that runs all of gaming in our environment,” Tinklenberg said. “What are you doing to help us protect those games and are there things we could do to help?”
Jon Wolfe, president of global systems and services at Light & Wonder, said the issue needs further dialogue, with a tighter partnership between operator and manufacturer.
“Historically, the operators have said, ‘Look, your network is your problem and we run in your network,’” Wolfe said. “A lot of us all have evolved such that we play a role too. Part of that is embedding solutions into our products. We think cybersecurity really starts at the inception of the product you’re building.”
Light & Wonder has been investing a lot of money in the continued training of all of its engineers, product managers, and quality-assurance staff to make sure cybersecurity and security practices are on the forefront, Wolfe said. The individual tracks depend on the type of discipline. Web and mobile developers, for example, take different courses.
“Constant reinforcement and training make sure those practices are built into our products, so you guys can rest easy in the event that something happens at the network level. Our applications are resilient enough that they won’t provide additional exposure,” Wolfe said. “We’re seeing real resistance to outside threats show up in our penetration tests.”
Jacob Lanning, IGT’s senior director of business development, payments, said operators and the industry as partners can do a lot of things better to ensure the systems are more secure. Keeping gaming as isolated as possible through firewalls helps prevent intruders from entering and embedding such technology as multi-factional authentication and single sign-on integrations are important.
“A lot of times, the way people get in is by phishing attacks with a list of log-ins that aren’t up to date and allow previous employees access to the system, because they weren’t removed,” Lanning said. “One of the things IGT does that is differentiated and has an impact in the way we do cybersecurity is almost 10% of our install base is running systems in the cloud. It gives us a strong position.”
Lanning said running their environment in the cloud has helped. He cited a CrowdStrike incident where almost the entire country had all sorts of systems go down.
“We were able to get our systems back up in a cloud environment, not only because we had early detection, but we recognized there was an outage and recovered from it faster,” Lanning said. “In another instance, a casino client experienced a ransomware attack and lost most of their systems, but because the IGT system was in the cloud, it was the one environment they didn’t lose. Looking at how you deploy your infrastructure is almost as important as making sure it’s protected and walled off from cyberattacks.”
Ted Keenan, vice president of product management for gaming systems at Aristocrat Interactive, said his company is open about its security plan, gets a third-party audit, and shows customers what they’re doing to fix their own systems.
“Not the systems that we sell to you, but how we develop products,” Keenan said. “All of that has to be secured as well. We use the same vendors to run a webinar series and all of our customers are invited. That way, they understand why we selected that particular vendor, what the vendor does, and if there’s any applicability for that vendor to be working with some of our customers. That series has been very productive for us in crafting that type of relationship.”
When casinos get audits, Keenan said they talk to them about how Aristocrat can play a part to improve their systems and audit scores.
Chad Hoehne, the founder, president and CEO of Table Trac, said they’ve been working for six to seven years with their Japanese distributor and leading cybersecurity company to recognize vulnerabilities and close them off. There have been 18 to 20 ransomware infections inside of the networks they’re operating. Those infections took out point of sale, domain servers, and exchange, but the gaming floor stayed up and running during the event.
“They didn’t have to send out letters to their patrons telling them their personal information might have been breached,” Hoehne said. “We do this by hardening the system against internal threats. We assume when we go into the environment that it’s already infected with ransomware that just hasn’t attacked yet. By building systems from that perspective, we successfully hold back that threat for our customers and keep our gaming floors up and running.”
