All Six Lucky Star Casinos Remain Closed Following Weekend Ransomware Attack

Posted on: June 22, 2021, 08:18h. 

Last updated on: June 22, 2021, 11:12h.

All six Lucky Star Casino locations in Oklahoma remain closed after a ransomware attack penetrated the venues’ information technology (IT) networks. 

Lucky Star Casino cyberattack ransomware
The Lucky Star Casino in Concho. The casino is one of six in Oklahoma that remains closed because of a ransomware attack. (Image: Yukon Progress News/

Owned and operated by the Cheyenne and Arapaho Tribes of Oklahoma, Lucky Star has casinos in Concho, Clinton, Canton, and Watonga. The tribes also have gaming parlors inside their travel centers in Hammon and Concho.

The venues unexpectedly closed last weekend. On Monday, the tribes confirmed that a cyberattack was responsible.

Lucky Star added that it is working closely with federal law enforcement, including the FBI, to resolve the matter. The casino said its insurer will provide credit monitoring services for the next 12 months. 

Ransom Unknown

Lucky Star did not comment on whether a ransom has been demanded from those responsible for the cyberattack. The tribal casino is only the latest in a recent string of attacks on Native American resorts.

Last week, the Menominee Casino Resort in Wisconsin was closed after it, too, was the victim of an attack. And last October, the Cache Creek Casino Resort in Northern California was closed for three weeks after it was the victim of a cyberattack.

That same month, two other tribal casinos in Idaho, Clearwater River Casino & Lodge in Lewiston and It’se Ye-Ye Casino in Kamiah,- were closed for 10 days after being hit online. The Idaho casinos are owned and operated by the Nez Perce Tribe. 

The most notorious hacking in the global gaming industry came in 2014 when hackers in Iran retaliated against billionaire Sheldon Adelson for his pro-Israel actions and infiltrated his Las Vegas Sands IT network. The hack cost the casino operator an estimated $40 million. 

The US government later confirmed Iran was behind the incident. 

What is Ransomware?

It’s been a major concern for companies ranging from small to large for years. But major cyberattacks — most recently the shutdown of the Colonial Pipeline, which resulted in the company paying a $4.4 million ransom in bitcoin — have only heightened awareness regarding the importance of cybersecurity. 

So, what is ransomware? 

“Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption,” explains the US Cybersecurity and Infrastructure Security Agency.

“In recent years, ransomware incidents have become increasingly prevalent among the nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations,” the agency continued.

Palo Alto Networks, a cybersecurity company, claims that the average ransom paid in 2020 skyrocketed 171 percent to $312,493. In 2019, the average ransom was $115,123.