Posted on: September 19, 2023, 01:16h.
Last updated on: September 19, 2023, 01:16h.
After seeing two of their rivals — Caesars Entertainment and MGM Resorts International — victimized in ransomware attacks, more casino operators are looking to shore up their cybersecurity platforms.
Those events — one of which compelled Caesars to pay the bad actors and the ongoing attack on MGM’s database — highlight the cybersecurity vulnerabilities of the travel and leisure industry and the need for that segment to embrace preventative measures.
In light of last week’s incidents, Waterfall is seeing an increase in interest from major facilities. We saw the same after the attack on Colonial Pipeline, an attack that led to sweeping new regulations from the Transportation Security Agency,” said Waterfall Security Solutions CEO Lior Frenkel in comments made to Casino.org.
Founded in 2007 and the holder of 14 patents, Waterfall is a provider industry-level cybersecurity solutions.
Casino Operators Contacting Waterfall
Frenkel didn’t identify the companies by name, but he noted that in the wake of the Caesars and MGM ransomware attacks, more gaming companies, including those with “operations in the United States and the Far East,” have been in touch with Waterfall.
That makes sense because there are financial consequences to ransomware events. While Caesars hasn’t disclosed the exact amount one of its insurance carriers paid to a hacking group, it’s rumored to be $15 million to $30 million. For its part, MGM may have lost as much as $84 million in revenue due to an ongoing data breach that started on Sept. 10.
“Additional risks to MGM include potential revenue losses while systems were down, reputational risk and any direct costs related to investigation and remediation. Litigation expense or liability that the company may have because of compromised data, to the extent there is any, is also a risk,” according to Moody’s Investors Service.
Frenkel noted that gaming faces some of the same cyber challenges as other industries, including the need to address vulnerabilities before those weaknesses are turned against a company.
“In terms of improving security, casinos, like many other industries, need to increase awareness of their vulnerabilities, strengthen network segmentation, limit access control, and strengthen practices around patching and updates, and especially remote access,” said the Waterfall CEO.
Casino Operators Face Unique Cybersecurity Challenges
All industries are grappling with cybersecurity threats, but those issues are pronounced in gaming due to the massive amounts of sensitive consumer data casino operators are tasked with guarding. Alone, that makes casinos prime targets for hackers.
Throw in the point that land-based casinos increasingly depend on internet connectivity to power seemingly mundane tasks, such as elevators and heating and cooling, and the need to bolster cyber defenses grows. That’s vital because cyber criminals aren’t relenting and will continue upping their technology proficiency.
“Today, criminal groups are using what used to be nation-stage tools and techniques to carry out their attacks,” concludes Frenkel. “And unlike nation states, these criminal organizations go after everyone with money, using these nation-state approaches.”
