Given the billions of dollars globally that run through the casino industry, that the dark web is home to those with an interest in attacking this market should come as no surprise. But while we might assume most cybersecurity attacks would be aimed at online operators, a new report claims that it is, in fact, land-based businesses which should be the most concerned.
Security provider IntSights Cyber Intelligence outlined the results of a six-month project in which they scoured the internet for threats on 30 leading gambling resorts. The results of that research were revealed in the company’s Gaming and Leisure Cyber Security Benchmarking Report.
Many Threat Types Found
IntSights says that it found nearly 1,500 security threats to the casinos they reviewed. These ranged from DDoS attacks on the systems at these venues to threats that target affiliates, guides to scamming resorts, stolen credit cards, attempts to hack slot machines, and financial accounts for sale, among others.
In a blog post on their website, IntSights Digital Marketing Manager Alexandra Carney outlined what the firm sees as the three largest threats to the gaming industry: fake or phishing domains, carding scams, and log-ins with money balance for sale.
Fake domains are a common tactic used by scammers, as they can encourage individuals to share information such as logins and passwords by fooling users into thinking they are on a “safe” site.
Cardings scams involve “the trafficking of credit card, bank account and other personal information online, as well as related fraud services that can also include the procurement of details and money laundering techniques.”
The log-ins are a particular problem, as they can allow malicious actors access into a resort’s private systems. “Internal log-ins can be exposed and used by threat actors to infiltrate the company’s network and harvest sensitive data,” Carney wrote.
No Casinos Named
The company did not identify the specific gaming properties being targeted by these threats. The potential schemes were identified by analyzing data from hacking forums, black markets, instant messaging platforms, and so-called “paste sites.”
IntSights says that all research was performed anonymously, and all of the automated scans were performed in their own cloud infrastructure.
In their dark web searches in particular, they looked for cues such as internal logins for gaming firms, employees who had been named as targets, and leaked staff credentials that could be used to infiltrate a company’s systems or properties.
According to the company, the goal of the research was to “enable security teams to better resource and fortify their infrastructure against attacks,” which, coincidentally, might include purchasing some of Intsights’ own products and services.
What Is the Dark Web?
The dark web is a smaller subset of the “deep web,” which is the name for the parts of the internet that are not indexed by search engines such as Google. Dark web content is that which also requires special software or authorization to access. While a variety of activities take place on the dark web, it has become best known for its use by black markets, hackers, whistleblowers, and other clandestine organizations.