The recent wave of cyberattacks targeting the global casino and hospitality industries has raised alarm bells.
Carey van Vlaanderen, CEO of ESET South Africa, says smaller chains, online gaming sites and their customers are equally susceptible. Fortunately, there are steps individuals can take to reduce the risk of their personal details being compromised.
Sophisticated cyberattacks, like the one reported by MGM Resorts in the US, in which digital room keys stopped working and manual payouts were required for slot machines, are a stark reminder that cybercriminals are organised and highly skilled. However, it’s not only major international brands that have been compromised. Smaller entities have faced security breaches too.
Another case in 2023 involved a ransomware attack on a small US-based casino chain. According to reports, hackers spent four months exploring systems after breaching the company network, via a targeted phishing email sent months before.
Van Vlaanderen says cyberattacks can occur at any time, with increased likelihood during periods of heightened activity. “People tend to be much more relaxed, when engaging in leisure activities, including visiting casinos and online gaming. Cybercriminals are well aware of this, and will often target individuals when they’re less vigilant, or choose to attack businesses during busy periods for maximum impact.
“Casinos are complex ecosystems, often interlinked with hospitality services. This interconnectedness exposes them to a range of cyber risks, from customer data breaches to operational disruptions. This means that customer data available to hackers could include personal details of customers as well as sensitive financial information linked to the booking and rewards programme information for the hotels and dining establishments associated with casinos,” explains van Vlaanderen.
The popularity of online betting platforms and immersive gaming casinos has also become an attractive target for fraudsters. “Cyberattackers are well aware of the lucrative opportunities in online gaming. The integration of financial services, like credit cards and banks, into gaming accounts means there is a risk not only for the businesses themselves, but their customers too,” van Vlaanderen notes.
In light of the risks, robust cybersecurity measures are critical for individuals and businesses to safeguard their digital presence. “There are a number of steps and helpful guidelines to follow to safeguard personal and financial information in the gaming and hospitality sectors,” adds van Vlaanderen.
* Choose reputable and licensed casinos: Look for casinos regulated by established gaming authorities. Their compliance with strict regulations offers a layer of protection.
* Only use secure internet connections: Using private, encrypted networks rather than public Wi-Fi, can significantly reduce the risk of data breaches.
* Manage passwords carefully: Implementing complex passwords that vary across different platforms can prevent unauthorised access.
* Two-Factor Authentication (2FA): This security feature adds a critical second layer of defence, making it harder for attackers to gain access.
* Vet reputations: For businesses, choose a cybersecurity provider with a solid track record in managing enterprise environments. Individuals should also opt for reputable products that can protect the security of personal devices.
* Choose secure payment methods: Opt for casinos and online platforms that partner with reliable payment providers that are known for their security measures.
* Be vigilant against phishing: Be cautious when clicking on links in emails or text messages, as they may lead to phishing websites or other types of malicious content.
* Maintain updated systems: Regularly update operating systems, web browsers, and any other software so that the latest security patches and features are enabled.
* Responsible gaming practices: Set limits and monitoring your gaming habits can protect both your financial and personal well-being.
* Ongoing education: Staying informed about cybersecurity and researching the safety of online platforms before signing up can help individuals make safer choices.
“Although absolute security is challenging to achieve, these practices can significantly mitigate risks. Industry-wide cooperation and the sharing of best practices is another method of combatting threats more,” says van Vlaanderen.