Dunvegan Thought Spot


In the research The Dunvegan Group conducts to support our CCR™ (Customer Care & Retention™) programs, we discover articles, blog posts and videos which, although not directly related to our work, are thought provoking or concern matters you may want to think about.  ‘Thought Spot’ covers a broad range of subjects.

The posts in ‘Thought Spot’ are selected by Olev Wain, Ph.D., VP of Research at The Dunvegan Group. 

We welcome your feedback!



Hacking & Casinos – The New Frontier?

The technological advances in the video gaming industry have moved into the casino environment allowing it to not only expand beyond land-based casinos but also to redefine how traditional casino games are played.

Table games (e.g., Black Jack, Craps and Roulette) are now being played electronically with multiple games played simultaneously by one player at a single video screen with multiple windows, one for each game.  

Casinos are beginning to look more and more like video game arcades. This is not surprising since the traditional casino player is getting older and is being replaced by the younger millennials who have grown up in electronic/video environments.  Getting this demographic to come to land based casinos, as well as those that are online, requires a different approach that is electronically based.  And therein lies a problem for casinos.

As reported in Casino Journal in the February 2018 issue:

“When it comes to network security, casinos are often wide open to online attackers. That’s the basic finding of Bulletproof, a GLI company, which has completed network security assessments at more than 100 casinos.”

According to Bulletproof, individual casinos are not the primary targets for network hackers who primarily are looking for credit card information and personal health care data.  Most breaches have been for point-of-sale information in the retail environment. But given the increasing incidence of cyber-attacks, Bulletproof believes that all consumer facing businesses, including casinos, will be candidates for hacking.

According to Bulletproof, there are five areas of vulnerability specifically for casinos:

  • Patches for vulnerability in software do not always work; patches may break something unexpectedly, creating a new vulnerability
  • Shortcuts to user management and access controls, such as simple or shared passwords make it easier for attackers to steal data.
  • Ineffective logging and alerting. Casinos are more likely to be monitoring system ‘events’ and errors rather than game transaction logs that could flag a breach.
  • Social engineering attacks. These are scare tactics, and threats of financial loss, targeted at individuals within a gaming enterprise using Phishing and Malware attacks with ransomware folded into the mix.
  • Industry misconceptions. The majority of gaming regulators focus on fairness of a casino game and accounting.  Network or IT security is very seldom their focus.  Anything that is not specifically required of a casino operator or vendor of casino games “will not be implemented because development,compliance testing and certification is expensive.”

These concerns are not only those of casino operators.  Looking at these five areas of vulnerability may cause you to take another look at IT security and network security practices in your own business.

Your thoughts?


Image courtesy of mipan at FreeDigitalPhotos.net

Relevant link : www.casinojournal.com

Return to list


    Leave a Reply