Casino Cyber Attack
BROOKS (CBS13) — Cache Creek Casino and Resort is not taking any gambles. The casino is closed for business after an apparent cyber-attack on its system.
Cybersecurity stocks soar thanks to hack attacks It's been a year since American billionaire Sheldon Adelson's casino company was hacked. Now the blame is officially being placed on Iran. TORONTO - A major Canadian casino has been hit by a cyber attack in which sensitive customer, employee and vendor data was stolen, its management said on Thursday, warning there is a risk the. Attacks like these are significant and can take weeks to research thoroughly. Major Cyberattack The incident has been labeled as a major cyberattack after it was determined that the ransomware attack not only affected the casino’s business operations but it possibly compromised the electronic information of the California casino’s employees. Orthern California’s Cache Creek Casino Resort, which has been shut down since Sept. 20 because of what it called a “systems infrastructure failure,” confirmed Wednesday that its computer systems were the target of an outside attack and that the incident is under investigation.
The Casino closed operations on Sept. 20 after they said there was an external attack on their computer network.
But Cache Creek is not the only business losing bets, a nearby mini-market has seen a significant drop in customers without constant traffic coming from the casino.
All bets are off the table for Tracy Pryor who is a regular at the casino that shut its doors 10 days ago.
“We love going there and we are very sad that it’s not open. We go on date night, have dinner, gamble a little bit, get a room, it’s fun,” Pryor explained.
The closure at the biggest attraction in the Capay Valley is slowing business for those nearby including Esparto Grab and Go Market.
READ: Two Lincoln Homes Showing Political Support Vandalized With Spray Paint
“A lot of regulars, they come from Bay Area, Sacramento, they always stopover here. The last 10 to 12 days the lottery sales are low,” said owner Amrik Singh.
The Esparto Grab and Go Market has lost 50% in lottery sales alone and 20% in total business in the last week.
“We have been asking to their employees, nobody knows. Nobody has a straight answer of when they are going to open up,” Singh said.
In a statement posted on their website, the casino said they are looking into the source of the problem. They did not address what type of hack occurred or what sectors of their business have been impacted.
“The privacy of our guests and employees is our highest priority and we want to make certain they have some peace-of-mind. We are working closely with independent experts who regularly investigate incidents of this type to determine any risks to data security. Attacks like these are significant and can take weeks to research thoroughly,” the statement reads.
If customers’ or employees’ personal information was exposed, the Casino plans to notify them in writing.
“To further reassure our community, we repeat our commitment to continued full pay and benefits for our employees during this time, whether they have been asked to report for their regular shifts or not,” the statement said.
UC Davis cybersecurity expert, Matt Bishop, explained while hacks are common, said it’s unusual to be closed down for so long.
“I’ve not heard of this very often, so I would guess at this point they have shut things down to find out what happened because if they continue to operate that may obscure the data you need in order to trace this thing back. If you continue to operate hackers could always come back,” Bishop said.
There will not be a full house at this casino until the Cache Creek finds the source of the hack and how much damage was caused, according to Bishop.
“At this point, people should be concerned but not panic. Keep their eyes open to see if their credit cards or other aspects of their identity are being used without their knowledge,” he said.
The casino does not have a date to reopen but hopes to have one soon.
Most people know about phishing -- but one casino recently learned about the dangers of actual fish tanks.
Hackers attempted to steal data from a North American casino through a fish tank connected to the internet, according to a report from security firm Darktrace.
Despite extra security precautions set up on the fish tank, hackers still managed to compromise the tank to send data to a device in Finland before the threat was discovered and stopped.
'Someone used the fish tank to get into the network, and once they were in the fish tank, they scanned and found other vulnerabilities and moved laterally to other places in the network,' Justin Fier, director for cyber intelligence and analysis at Darktrace, explained to CNN Tech.
As internet-connected gadgets and appliances become more common, there are more ways for bad guys to gain access to networks and take advantage of insecure devices. The fish tank, for instance, was connected to the internet to automatically feed the fish and keep their environment comfortable -- but it became a weak link in a the casino's security.
The unnamed casino's rogue fish tank is one of nine unusual threats that Darktrace identified on corporate networks published in a report Thursday.
The report cites examples compiled from Darktrace's threat detection technology. Darktrace makes security technology that sits on a company's network and monitors the activity taking place. That could be anything from data transferred between computers or actions taken by a connected coffee maker.
When the technology notices an anomaly -- like a device that doesn't belongor data being sent somewhere it shouldn't -- it alerts the company's security team.
In another example of an unusual attack, smart drawing pads connected to insecure wifi were used to send data to websites around the world in what's called a 'denial of service' attack. A hacker had scanned the internet looking for vulnerable devices, and exploited them to try and flood other websites with too much traffic.
We've seen cybercriminals leverage connected devices for destructive purposes before.
Last year, the Mirai botnet took control of smart home devices, like security cameras, all over the world, effectively turning them into zombie machines directing web traffic to take down popular websites like Netflix and Twitter.
Cache Creek Casino Computer Hack
Fier, a former U.S. intelligence contractor, says he anticipates threats coming from more unexpected places. Phishing emails will be one way hackers can get onto systems. But things like insecure fish tanks connected to the internet will be another.
Cache Creek Resort Casino
'In the current cyber climate with political and corporate espionage, I think you're going tostart to see attackers, whether nationstate or criminal, having to get more creative in their attack vectors,' Fier said.