Panelists at a discussion at the December conference in Las Vegas of the National Council of Legislators from Gaming States warned that casinos are vulnerable to an increasingly sophisticated effort by hackers to breach data in cyberattacks.
With recent cyberattacks having shut down casino operations in several states, including two in Downtown Las Vegas plus a recent data breach at DraftKings, the panelists said ransomware attacks have caused millions in damages, and added that the frequency of such attacks is rising quickly.
“The current trends in cybersecurity have gone up 400 percent in the last year and (other attacks) have gone up 300 percent in the last year and a half,” said Michael Tobin, CEO and founder of Continent 8 Technologies, according to CDC Gaming Reports.
“A huge amount of hacktivists out there are targeting people,” Tobin said. “It’s only going to get worse, as artificial-intelligence techniques are developed using supercomputers. There will always be bad guys and you have to be one step ahead of them.”
Tobin said regulators, policymakers and practitioners need to work together to deal with this problem. “Even some of the largest gaming companies don’t have people with the skills to defend them,” he said. “The processes that you need to put in place to monitor are extremely critical and the technology is always changing and needs to be a constant focus for all of us.”
Michael Morton, senior policy counsel for the Administration Division of the Nevada Gaming Control Board, told attendees about the cyberattacks faced in Las Vegas over the years, some of which was the most detailed information that’s been released to the public—including confirmation that cyberattacks hit Four Queens and Binion’s in Downtown Las Vegas in February.
“The two downtown casinos went black for five or six days,” Morton said, according to CDC. “An apparent computer outage affected the slot machines and other technology systems on the casino floor. It shut down the casinos’ websites and affected hotel check-in procedures to the point where guests had to pay cash to get into their rooms, because none of the computer systems was working.”