Casino CyberattackSummary:

  • Chase Cunningham told casino operators that breaches are inevitable and perfect defense is a myth.
  • Despite billions spent and thousands of vendors, cyberattacks keep increasing.
  • The former Navy cryptologist says the real cost of hacks gets passed on to customers through higher prices.

A cybersecurity veteran delivered a stark reality check this week to casino operators in Las Vegas: no matter how much companies spend, breaches are going to happen.

Chase Cunningham, a retired Navy chief cryptologist known as Dr. Zero Trust, spoke at the World Game Protection Conference at the South Point Hotel Casino:

If you think you can spend your way to better cybersecurity compared to others who don’t spend as much, you’re wrong. Organizations spend (millions of dollars) a year on cybersecurity and they all get breached. What does that all mean for us? We should accept the reality that there is no perfect defense. Sooner or later, the very nature of engineering and building something means someone out there can reverse engineer. This is why the bad guys have a lot of reasons to do this stuff

Resilience Rather Than the Illusion of Perfection

Rather than chasing the idea of perfect protection, Cunningham urged operators to focus on resilience. Breaches, he said, are not a sign that a company is finished.

The thing about cyber now is to move past perfect defense and never getting breached toward resilience in operations and blast control. You’re going to get breached, and it’s OK. Have you seen anyone go out of business because they got breached?

He pointed to a crowded cybersecurity market, with roughly 4,000 vendors selling tools and services, growing by about 13 percent a year. Yet attacks continue to rise, especially after the pandemic pushed businesses online.

It’s not possible to have this many vendors with this much technology and for us not to have a solution to solve the problem. It’s a place for a lot of people to make a whole lot of money, bad guys and good guys. That’s why it keeps growing.

Firewalls, he added, were never designed to stop sophisticated attacks. Buying more of them will not change the outcome, as human behavior remains one of the biggest weaknesses, with special emphasis on weak passwords and simple mistakes.

“Hope Is Not a Strategy”, Customers Will Get Hit

Hope is not a strategy”, Cunningham said. “It will not work”. The most uncomfortable part of his talk focused on who ultimately pays when casinos are hit. Cunningham believes the financial damage will not simply disappear, but it will inflate insurance costs and prices.

After the MGM hack took place (in 2023), things got more expensive. […] they charged 26 bucks for a bottle of Fiji water. They got compromised and to cover costs had to make it up on the back end. MGM Resorts had $100 million wiped out, and they recovered that by passing that on to us.

His bottom line was clear: if you are connected to the internet, you are a target, and, in the casino world, the ripple effects do not stop at the server room.

About the Author

Author Hello my fellow Americans. My name is Jayson Peter and I am the Chief Editor of CasinoUSA.com. I have been working in and out of the gambling industry for the past 20 years. You will be able to read the latest reviews on US casino rooms, find out the legality of gambling in your state and much more.