The Importance of Cybersecurity in the Online Casino Industry

MGM Resorts said in a statement late Monday night that its resorts “continue to deliver the experiences for which MGM is known,” including its dining, entertainment and gaming options. The Cybersecurity and Infrastructure Security Agency, which is part of the U.S. Department of Homeland Security, announced on Thursday that it is in contact with MGM Resorts « to understand the impacts of their recent cyber incident. » The FBI said an investigation was ongoing but offered no additional information.

Incident response refers to how quickly and efficiently an IT team responds to a cyberattack and its aftermath. A secure and trustworthy casino will often assign key stakeholders who will act as leadership if an incident occurs and communicate the plan for the incident response to other departments. More importantly, crypto casinos are not the only ones that need to have a gaming license, and casino employees, especially croupiers, need to have valid gambling licenses that allow them to work in that position. An operator is only as good as its games, and if hackers are able to compromise the integrity of game play, there’s a risk of undermining wider trust in the fairness and legitimacy of online platforms. Shares of MGM Resorts International were down nearly 2%, to $40.97, on Friday, as the company continued grappling with its cybersecurity woes.

The November Formula One Las Vegas Grand Prix and February’s Super Bowl should help MGM recover quickly from the cyberattack that ravaged the company in September. Nevada’s nonrestricted licensees will have until Dec. 31 to prepare and submit a cybersecurity plan to the Gaming Control Board. “I think there’s a role for us to play in that conversation, but depending who the criminals are, that’s an international organization. Then now you’ve got the State Department and there might be some national security implications involved,” Rebuck said. At the time, Okta’s chief security officer David Bradbury told The Register that Scattered Spider was behind these attacks.

By Thursday, Caesars Entertainment — the largest casino owner in the world — confirmed it, too, had been hit by a cybersecurity attack. The casino giant said its casino and hotel computer operations weren’t disrupted but couldn’t say with certainty that personal information about tens of millions of its customers was secure following the data breach. The casino giant said its casino and hotel computer operations weren’t disrupted but couldn’t say with certainty that personal information about tens of millions of its customers was secure following the data breach.

If an online casino hides the terms or buries them too deep on it’s website, that is by no means an acceptable way of doing business and should be noted as a warning sign. Sometimes there’s only one general t&c for all bonuses offered, as opposed to providing a unique and easy-to-overview terms for each promo. For me personally this shows a certain level of amateurism and indolence and reflects poorly on any operator guilty of this.

• If you win it’s because you are lucky and has nothing to do with being Wednesday 7 pm, snowing or Uranus crossing your ascendant right now.
• But with the goalposts constantly moving, this is an ongoing and uphill battle.
• Online casinos are subject to licensing, and to get those licenses granted, they must adhere to a strict set of regulations.
• A multi-layer cybersecurity strategy is essential for any business that operates with finances, processes transactions, and stores large amounts of sensitive and personal information.
• If an online casino hides the terms or buries them too deep on it’s website, that is by no means an acceptable way of doing business and should be noted as a warning sign.
• While this isn’t a technology, it is built into their websites in the form of blog posts.

The regulation also says a casino that has been attacked has 72 hours to report it to regulators. Its CEO, Bill Hornbuckle, told Bloomberg his reasons for not caving to the crooks’ extortion were not driven by nobility. « We have no evidence that the criminal actors have used this data to commit identity theft or account fraud. » Sources earlier told Reuters AlphV worked with another outfit named Scattered Spider to break into MGM systems and steal data to hold for extortion. “Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter,” MGM Resorts posted on social media.

“It’s not required right now,” Hendrick said of insurance covering cyberattacks. “I think most operators have already seen that as a cost of doing business and already have it. Right now it hasn’t been mandated, but it’s certainly something that the board and commission could look at. Nevada doesn’t require casino companies to carry cybersecurity insurance, but most of them do as a cost of doing business. After the attack last month, customers posted social media images showing slot machines with error messages and queues at hotels in Las Vegas. After seeing two of their rivals, Caesars Entertainment and MGM Resorts International, victimized in ransomware attacks, more casino operators are looking to shore up their cybersecurity platforms.

Yet, in our modern interconnected age, we must remember that everything from washing machines to refrigerators has internet features. While some casino games may seem simple, there’s a lot of technology that goes into our favorite games. Banking and finance bodies used by players to top up their accounts need protective measures and, finally, further technological requirements from the governing bodies. The casino companies themselves need to work with all possible security technology and quick implementation. The technology behind cryptocurrencies like Ethereum and Bitcoin is called blockchain. Blockchain offers an extra layer of protection as it is decentralized, a strict ledger is kept – and it is untameable.

A security-minded patron choosing which casino to play should examine the casino’s reputation and trustworthiness. While all of the steps above protect the casino’s digital infrastructure, patrons need protection also. One of the most effective ways that casinos can guard their patrons is with secure transactions.

One state that does require cybersecurity insurance is Massachusetts, where MGM operates MGM Springfield. Cyberattacks on Caesars, MGM properties lead to discussions by gaming regulators on opening day of G2E conference in Las Vegas. Scattered Spider is reportedly an affiliate of ALPHV, also known as BlackCat, a ransomware-as-a-service (RaaS) operation that rents its malware to other criminals. gclub casino These steps, we’d assume, including paying the ransom demand – which was reportedly negotiated at $15 million after an initial demand for $30 million. Hackers often hold stolen data for ransom and may also leak it to public forums or sell it to other cybercriminals. One of the world’s largest gambling firms, MGM shut down its systems after detecting the attack to contain damage, it said.