Cyberattacks against casinos carried out on behalf of the Russian state to help fund the war against Ukraine are on the increase, according to an expert speaking at the Cyber Security Summit this week.
David Rees, a cybersecurity expert and executive director at Howden Insurance Brokers, spoke about a recent increase in hackers targeting tribal casinos in particular:
Bad actors“I have to be careful when I say this. I’m not saying all ransomware attacks come from Russia, but a lot of ransomware attacks come from Russia.”
Rees added: “Given what’s going on between Russia and the Ukraine, the drop in frequency was the Russian hackers, who at one point were sitting in an office carrying out ransomware attacks, were finding themselves on the front lines fighting in Ukraine.
“As for why that’s increasing again, if they’re from Russia, one of the things Russia needs at the moment is money to fund the war. That’s the thought process, but it’s shared among quite a few people.”
The hack attackThe third-annual Cyber Security Summit, sponsored by TribalHub, heard from Rees how the attackers work: “Someone attacks your system, locks down and encrypts your data, and demands money to get that data back.”
“If you have backup, in theory you don’t have to pay that ransom. What we’re starting to see is that these hackers are starting to not only lock down the data, but stealing it at the same time.
“They say if you don’t pay, we’re going to release that data into the dark web or in the public domain where you find yourself in a privacy breach.”
Crazy increase in ransomware attacksKimi Gordy, a partner with the national law firm BakerHostetler, who counsels clients on cyber-security breach response and regulatory defense, agrees with Rees.
Gordy confirmed that “ransomware has gotten crazy in the last three weeks,” revealing there had been seven new attacks against her company’s clients.
“This week, we actually had one of our clients, the CEO of the company, receive a money plant via a florist at the house, saying, ‘Hi, thinking of you, signed the threat actor.’ They’re getting creepier, scarier, and a little more personal.”
Gordy explained that the hacks are not as simple as many might imagine: “I think there’s a misunderstanding that hackers see a casino and think we’re now in ‘Oceans 11’ territory, where we have vaults of cash and an instant windfall.”
“They’re not seeing it’s more complicated and that it’s probably going to impact schools, government, and hospitals. Tribes have all the major businesses and target areas. That is a huge risk.”
Hackers have reportedly accessed tribal cyber-insurance policies to see how much coverage they have in the event of an attack. This allows them to accurately gauge their demands after attacking the tribal security systems.
The fish-tank hack
In one incredible instance, security was breached via a casino’s fish tank, according to former spy and now Vaillance Group CEO, Shawnee Delaney.
Delaney told attendees at the World Game Protection Conference at the Tropicana Las Vegas how the fish tank’s thermometer was connected to the internet, allowing hackers to access the casino’s network.