They say the house always wins, unfortunately for the gaming industry its seldom the case when it comes to ransomware. The gambling industry has certainly become a firm favorite for cybercriminal gangs, with a 2022 a study showing that cyberattacks on casinos and gaming companies had increased by a massive 167% in one year.
When it comes to casinos making ransomware headlines, the list is long, and it spans the globe. Notable incidents include Australia’s Crown Resorts, Wrest Point and Country Club casinos in Tasmania, Gateway Casino and Entertainment in Canada, Lucky Star Tribal Casinos in the US, and online casinos DraftKings and BetMGM to name a few.
The fallout from such attacks can be catastrophic. Obviously there can be massive ransom demands to contend with, while operationally some are forced to shutter the doors until operations can resume, but it’s what comes after the remediation that is the real concern as we can see in the case of Rancho Mesquite. Following a successful ransomware attack, the organization, which owns and operates three locations is dealing with a class action lawsuit from the resulting data breach which impacted 200,000 customers.
A lucrative target
In 2022, US casinos alone reaped more than $60 billion in gambling revenues, and that doesn’t include the billions that were made by the tribal casinos. With revenues in the billions and a plethora of sensitive data relating to millions of customers, it’s hardly a surprise that they have become such a target for cybercriminals.
Late last year security experts warned that attacks on casinos would become worse as they increased in sophistication, and the FBI issued a warning to tribal casinos to be on high alert for ransomware attacks.
New cybersecurity regulations
In December, the Nevada Gaming Commission (NGC) announced that it had adopted new cybersecurity regulations for certain gaming operators. Organizations have until December 31st, 2023, to fully comply with new regulations which include:
- Taking steps to secure and protect systems from cyberthreats
- Documenting all measures taken to comply and maintaining records which must be available for the board for a 5 year period
- Conducting an initial risk assessment and developing cybersecurity best practice
- Continuous monitoring of cybersecurity risks
- Providing written disclosure of cyberattacks to the board within 72 hours
- Investigating the incident and preparing a report of the findings
Bridging the cybersecurity gap
Those responsible for complying with this new legislation must look beyond traditional defensive based cybersecurity to prevent attacks. A quick look into some of the successful ransomware attacks this year, and the well-known companies that have made the victim list, provides an insight into what not to do. The days of relying on traditional tools that focus on securing the perimeter are well and truly behind us. Newer technologies that focus on prevention and anti data exfiltration provide new barriers to stop data extortion.
Beating the odds
With 1 in 2 companies now experiencing a cyberattack it is only a matter of time before a breach occurs. Organizations can also be certain that their data is the ultimate prize for the attackers, with 89% of ransomware attacks now exfiltrating data. With hackers moving away from encryption to focus on exfiltration and extortion, preventing any unauthorized data exfiltration must be a key component of any cybersecurity strategy.
Winning the war on ransomware
When it comes to cyberattacks, all roads lead to data exfiltration. Without it, there is no success for the attackers. No data exfiltration equals no ransom, no extortion, and no data breach. Third generation cybersecurity solutions that focus on preventing data exfiltration are now a critical layer in a strong cybersecurity strategy. BlackFog’s fully automated 24/7 ADX technology prevents cyberattacks in real-time and ensures that if cybercriminals manage to bypass traditional defenses, they will be unable to remove any data.
Related Posts
CDK Global Ransomware: What Happened and How It Impacted Businesses
Here you will learn about the CDK Global ransomware attack, the impact on auto dealerships, relevant recovery steps and general cybersecurity practices for businesses.
Ransomware Containment: Effective Strategies to Protect Your Business
Discover effective ransomware containment strategies for your business. This guide discusses network segmentation, zero trust, and practical best practices for IT managers and cybersecurity professionals to reduce ransomware damage.
Ransomware Meets Retail: Sainsbury’s, Starbucks and Morrisons Feel the Heat from Blue Yonder Attack
The Blue Yonder ransomware attack disrupted major retailers like Sainsbury’s, Starbucks, and Morrisons, highlighting the vulnerabilities of global supply chains and the urgent need for stronger cybersecurity defenses.
Top 5 Cyberattacks During Black Friday and Thanksgiving
Find out about the top five biggest cyberattacks for Black Friday and Thanksgiving, from data breaches and ransomware, to see the risks businesses experience during the holidays.
Healthcare Ransomware Attacks: How to Prevent and Respond Effectively
Learn how to protect yourself from healthcare ransomware attacks. We discuss the main security weaknesses, suggest security steps, and offer possible means of protecting patient information.
Everything That You Need to Know About the Dark Web and Cybercrime
Learn about the dark web, including who uses it, how it operates, and what tools cybercriminals obtain on it. Find out how BlackFog monitors networks, forums, and ransomware leak sites in order to stay ahead of new threats.