They say the house always wins, unfortunately for the gaming industry that rarely happens when it comes to ransomware. The gambling industry has certainly become a favorite for cybercriminal gangs, with a 2022 study showing that cyberattacks on casinos and gaming companies have increased at a rate A massive 167% in one year.
When it comes to casinos making headlines for ransomware, the list is long, and it spans the globe. Notable incidents include Crown Resorts casinos in Australia, Wrest Point and Country Club in Tasmania, Gateway Casino and Entertainment in Canada, Lucky Star Tribal casinos in the US, and online casinos DraftKings and BetMGM to name a few.
The fallout from such attacks can be catastrophic. Obviously there can be massive ransom demands to deal with, while operationally some are forced to close the doors until operations can resume, but it is what comes after the patch that is the real concern as we can see in the case of Rancho Mesquite. Following a successful ransomware attack, the organization, which owns and operates three locations, is facing a class action lawsuit as a result of the data breach that affected 200,000 customers.
In 2022, US casinos alone reaped more than $60 billion in gambling revenue, and that doesn’t include the billions made by tribal casinos. With billions in revenue and an abundance of sensitive data relating to millions of customers, it’s no wonder they’ve become such a target for criminals Cyber.
Late last year, security experts warned that attacks on casinos would become more sophisticated as they became more sophisticated, and the FBI issued a warning to tribal casinos to be on high alert against ransomware attacks.
New cyber security regulations
In December, the Nevada Gaming Commission (NGC) announced that it had adopted New cyber security regulations For certain game operators. Organizations have until December 31Street2023, to fully comply with new regulations including:
- Taking steps to secure and protect systems from cyber threats
- Documenting all measures taken to comply with the requirements and maintaining records that must be available to the board for a period of 5 years
- Performing an initial risk assessment and developing best practices for cyber security
- Continuous monitoring of cyber security risks
- Providing written disclosure of cyber attacks to the board of directors within 72 hours
- Investigating the incident and preparing the findings report
Bridging the cyber security gaps
Those responsible for compliance with this new legislation must look beyond traditional defense-based cyber security to prevent attacks. A quick look at some of the successful ransomware attacks this year, and the well-known companies that made the victim list, provides insight into what not to do. The days of relying on traditional tools focused on perimeter security are well behind us. Newer technologies focused on preventing and preventing data leakage provide new barriers to stopping data extortion.
With 1 in 2 companies now experiencing a cyber attack, it’s only a matter of time before a breach occurs. Organizations can also be confident that their data is the ultimate prize for attackers, with 89% of ransomware attacks now exfiltrating data. As hackers move away from encryption to focus on extortion and extortion, preventing any unauthorized data extraction must be a key component of any cyber security strategy.
Winning the war on ransomware
When it comes to cyber attacks, all roads lead to data theft. Without it, there is no success for the attackers. No data filtering equals ransom, no extortion and no data breach. Third-generation cybersecurity solutions that focus on data exfiltration prevention are now a critical layer in a strong cybersecurity strategy. BlackFog’s fully automated 24/7 ADX technology prevents real-time cyberattacks and ensures that if cybercriminals manage to bypass traditional defenses, they cannot remove any data.
