A former US military spy revealed that the vulnerabilities and threats faced by casino surveillance executives are only set to increase as the sector is projected to expand by $12 billion over the next few years.
Shawnee Delaney, CEO of Vaillance Group and a former clandestine officer with the Defense Intelligence Agency, took part in the World Game Protection Conference that was held at the Tropicana Las Vegas. Mr. Delaney, who has long-year experience in conducting human-intelligence operations in Afghanistan and Iraq, shared that security and cybersecurity actually had very much in common with espionage because the exact same techniques were used by social engineers, various malicious actors, and also spies to get access to companies, systems, people, and networks.
According to the Vaillance Group CEO, the casino industry featured some specific vulnerabilities, such as casino operators’ dependence on third parties, with a lot of money being generated by hackers using third-party systems to access casinos. More than half of gambling operators have been subject to a data breach initiated by a third party, with hackers having plenty of opportunities to access data by penetrating a casino network.
As the former military spy claims, so-called “third-party threats” are the ones that mostly get overlooked because gambling operators have no control over the decisions, hiring process, and employee training initiated by third parties. Apart from that, the way casinos use Internet connections for cameras, trackable casino chips, motion detectors, wearable devices, consumption-tracking technology, and cell phones has caused another major concern.
Casino and Gambling Companies Become Subject to Both Third-Party and Insider Attacks
Online gambling, which for the time being remains on the rise, is heavily targeted by various hackers trying to access customer accounts and steal personal data and banking details. On the other hand, casino investigation and triage is quite expensive, and vast criticism on the media could seriously hurt gambling and casino operators’ reputations because customers expect to have their personal and financial data protected.
An increasing number of hacker attacks on gambling and casino websites has occurred over the past decade, as confirmed by Mr. Delaney. The Hard Rock Hotel and Casino and the Las Vegas Sands’ online gambling platforms became one of the first victims of such attacks, with the two operators losing over $1 billion. These occurrences were followed by hacking attacks experienced by the Venetian and Palazzo in 2014, with both casinos having their websites taken down, and personal information of high-roller customers and staff members being stolen.
As CasinoGamesPro reported, two of the largest sports betting operators – DraftKings and BetMGM – also experienced a hacker attack late in 2022, with more than two million customer accounts being put for sale on the dark web.
But the problem is that casino and gambling operators become subject not only to outsiders but to insider attacks, too. The most common insider threats include sabotage, fraud, espionage, as well as theft of trade secrets and intellectual property. Workplace violence is also among the issues that occur more commonly.
Some companies’ employees are manipulated into revealing special credentials to third parties. Fraud, on the other hand, has been the only category that is committed by more women than men, and usually involves staff members working at the lower levels of the company. Motivation for such transgressions includes low-paying jobs, a lack of loyalty to the employer, addiction, debt, revenge, as well as a hostile work environment.
IT sabotage, however, usually comes from persons with privileged access, who commonly work in technical positions. Most of the damage is done after business hours, and approximately three-fourths of the attacks cause serious disruption of gambling operators’ businesses. Such employees are motivated by politics, financial gain, revenue, power, and addiction, quite similar to so-called corporate espionage that costs operators between $400 billion and $600 billion in the theft of intellectual property.