Palms Las Vegas Website Targeted by Malware, Casino Investigating

Posted on: October 19, 2022, 01:12h. 

Last updated on: October 19, 2022, 02:02h.

Devin O'Connor @CasinoorgDevinO Read More
Expertise: Asia Pacific Gaming, Commercial Gaming, Legislation, Politics.

The Palms Las Vegas website is currently down. The casino resort’s information technology (IT) department is investigating the cause.

Palms Las Vegas malware cyberattack ransomware
The Palms Las Vegas website has been offline for more than 24 hours after being hit with malware. The off-Strip casino is owned and operated by the San Manuel Band of Mission Indians in California. (Image: Palms Las Vegas)

A visit to www.palms.com currently redirects to a malware message warning visitors that clicking through to the website may harm the user’s computer.

“Warning — visiting this web site may harm your computer!” the landing page cautions.

The website suggests that visitors return to the previous page or try another search. Reached for comment by the Las Vegas Review-Journal, Palms officials said the situation is under review.

We are aware of the disruptions to the Palms Casino website and are working as quickly as possible to determine the cause,” a Palms spokesperson said yesterday. “We’ve engaged outside experts to help us investigate the cause and restore availability to all users as soon as possible.”

The Palms Las Vegas website remained down as of 1:30 pm ET on Wednesday, October 19.

Malware Disruptions

Casinos have become prime targets for hackers and ransomware in recent years. Both commercial and tribal gaming businesses have been hit by online criminal groups.

The Palms situation is apparently a malware attack. Google labels the Palms website with a “Malware Warning.”

Malware is software intentionally designed to disrupt a computer, server, client, or network. Malware also typically involves the unauthorized access of private information and data. Palms hasn’t said whether its website issue has resulted in any confidential data being wrongly accessed.

The FBI last year warned Native American tribes that operate casinos to be on the lookout for ransomware attacks. A ransomware attack typically involves data breaches and blocking a company’s access to its digital properties until a ransom is paid.

California’s San Manuel Band of Mission Indians, one of the nation’s richest gaming tribes, acquired the Palms last year from Red Rock Resorts and Station Casinos for $650 million. The tribe’s flagship property is the Yaamava’ Resort & Casino at San Manuel in Highland, Calif.

Tribe Invests in Cybersecurity

The San Manuel Tribe has its own chief information security officer. The position is held by Glenn Wilson, a former software engineer who, for over the past 20 years, has worked in cybersecurity and data protection.

During last month’s TribalNet Conference 2022 at Reno’s Grand Sierra Resort & Casino, Wilson stressed the importance of tribal casinos assuring the protection of their digital assets. He also discussed how easily hackers can access supposed protected materials.

When you hear someone say, ‘We’ve been the victim of a very sophisticated cyberattack,’ it really means that some fool clicked on an email they shouldn’t have,” Wilson said of common phishing emails.

Wilson recommends that casinos and any other business define three critical points when it comes to their cybersecurity protocols:

  • What do I have of value?
  • Who wants to steal it?
  • How should I protect it?

Wilson also says businesses must not take a “one and done” cybersecurity approach, and instead, continually upgrade and improve their online safeguards. But even the most advanced tech giants aren’t fully immune to cyberattacks.

Google admitted to paying an $8.7 million bounty to cybercriminals last year after its Android, Chrome, and Play platforms and systems were disrupted.