Global cybersecurity firm IntSights Cyber Intelligence Ltd says it has identified nearly 1,500 online security threats – from the so-called “Dark Web” – aimed at casino resorts within a six-month period.
IntSights said it used data mining and artificial intelligence tools to scan the “Clear” and Dark Web to find what it referred to as “intelligence” on 30 “leading gambling resorts”, in order to understand threats facing the industry. It didn’t identify the resorts concerned.
The company says it employs staff with backgrounds in “elite military cybersecurity and intelligence units”. The Dark Web is the part of the World Wide Web that is only accessible by means of special software, typically allowing users and website operators to remain anonymous or untraceable.
Of 1,494 threats identified in a prior six-month period, more than a quarter – or 345 – was connected with so-called “carding”, i.e., player membership schemes at casinos.
In the Dark Web, the system reportedly analysed data from hacking forums, black markets, leaked databases, closed groups in instant messaging platforms, and “paste sites”.
In the Clear Web, the system is said to have searched paste sites, search engines and websites of major companies in the gaming industry.
The findings of IntSights – a company which according to its website has offices in Tel Aviv, Israel; Amsterdam, the Netherlands; and New York and Dallas in the U.S. – were published in its “Gaming and Leisure Cyber Security Benchmarking Report”.
The Dark Web threats were said to have included: 55 instances of casino chips being offered for sale; 86 instances of hacking or attempted hacking of slot machines; 95 hacking tutorials being offered; 19 distributed denial of service (DDoS) attacks on resorts; 61 “scam guides” regarding casino resorts; 63 instances of point-of-sale hacking tools; 141 customer logins respectively holding cash balances offered for sale; and 289 instances of information on illicit cash out methods.
“Our research was performed anonymously, and all the scanning was done in the IntSights cloud infrastructure,” said the company in its report.
To harvest information on potential or actual threats, IntSights said it searched in particular for signs on the Dark Web of: company internal logins; leaked staff credentials that could be used to infiltrate further a company’s systems; employees listed for targeting by “malicious actors”; indicators of intention to hack, scam or damage companies’ assets; and registered fake or phishing domains.
IntSights claimed its report would “enable security teams to better resource and fortify their infrastructure against attacks” via use of its cybersecurity products.
In February 2014, U.S.-based casino group Las Vegas Sands Corp suffered a hacking attack that led to group websites having to go offline for several days.
The same year it emerged that anonymous registrants of 35 Chinese-language websites and domain names were being pursued through the courts in the U.S. for alleged illegal use of trademarks belonging to Las Vegas Sands, which has licensed casino operations in Macau.
In August that year, Macau-based casino operator Galaxy Entertainment Group Ltd warned the public about fraudulent websites exploiting the company’s brands.
