Why Casinos Need to Pay More Attention to Cybersecurity

If you have learned anything from watching Hollywood heist movies, it is probably that banks and casinos are by far the best places to rob. While old school fictional criminals dug tunnels under buildings and found ways to trick security guards, today’s actual robbers are using technology as their preferred tool and stealing valuable data and personal information from the comfort of their own homes. Cybersecurity is a growing concern for businesses across every industry and that also holds true for casinos.


Hackers aren’t interested in getting a hold of a pile of chips or breaking into the casino vault, they are targeting casinos in the hopes of securing credit card information from guests. These types of breaches not only affect the finances of customers, but it also diminishes the reputation of the hotel and casino and makes it less likely that people want to take the risk of doing business with casinos that have a record of experiencing security problems. This issue will continue to become more important as a variety of casino information is stored and processes are conducted using cloud-based software.

A popular casino with locations around the world,  serves as a cautionary tale of the consequences of poor cybersecurity. Once a year, for the past three years, the casino has experienced major problems. In 2015 and 2016, malware was found installed on the POS system, which allowed hackers to access credit card data and other sensitive guest information. In 2017, eleven of their hotels were attacked through their booking software. While this last incident was not entirely their fault, the incident it still associated with their name.

Why Casinos Face an Increased Threat

Now take into account that many casinos also offer online gambling services, and you have a potential recipe for disaster. A 2015 report by Akamai, a digital security firm, found that online gambling is now the new prime target for distributed denial of service (DDoS) attacks. In fact, over 50% of all DDoS attacks have been directly aimed at the gaming industry. The goal of this type of attack is to disrupt service so that legitimate users are unable to connect to the host site and conduct normal activities. By overwhelming the site and causing chaos, the attackers hope to create or at least identify another vulnerability that will allow them to steal data. According to the study, these attacks lasted an average of 16 hours before they were able to be stopped. For casinos, that can translate into a significant loss of revenue.

Part of what makes casinos a prime target for attacks is because they handle large amounts of information and transactions. They are essentially a sophisticated banking system with multiple points of contact. Customers and guests enter their information when making hotel reservations, paying for meals, purchasing chips and even buying merchandise at gift shops.


Another part of the problem is the emergence of cloud-based technology. Yes, new software allows casinos and other businesses streamline processes, store data and run more efficiently, but without the right protections in place, these tools can also create vulnerable points of entry for persistent cyber criminals. It isn’t enough to onboard new solutions and assume that current security safety nets will continue to be effective. Cybersecurity is extremely challenging to combat because even as new security measure are put into place, hackers are working on finding ways around these patches.

The Solution

First and foremost, casinos need to realize the extent of the threat they are facing. While many are quick to point fingers at the shortcomings of the casinos that have been effectively targeted, there are few other establishments who are adequately prepared to handle cyber threats. The security platform, UpGuard, evaluated a range of both brick and mortar and online casinos to assess their website security. The results show that even industry giants, like Caesars Palace seem to have let cybersecurity become an afterthought.

Be Proactive


Once casinos are able to objectively evaluate their current situation and understand where there are real gaps, they need to implement solutions and change their entire approach to cybersecurity. Any business that conducts transactions or stores customer data absolutely must take a proactive approach to security. The last thing you want to do is be left trying to play catch up. In a worst case scenario, you will experience a significant revenue loss, damage your reputation and have to compensate hundreds of people who were the ultimate victims of any attack.

Partner with the Right Companies

Individual casinos need to spearhead their own cybersecurity strategies and have experts in place to immediately address any attacks. In addition, they also need to partner with the right companies and providers. As businesses continue to incorporate more software solutions into their daily operations, they need to make sure that those companies also demonstrate a commitment to security and continue to improve their own security protocols. You will want dynamic solutions rather than programs that will quickly become outdated and subject to attack.

For example, Casino Schedule Ease specializes in providing a client server based program that automates scheduling tasks that are specific to the gaming industry. Greektown Casino, Borgata and many other big names rely on this service to run more efficiently and improve employee satisfaction. However, they also turn to Casino Schedule Ease, because the company has demonstrated a progressive approach to providing secure services that are designed to complement and enhance the existing efforts of their customers. Being able to form partnerships with providers who share the mutual goal of advanced security will be an essential part of protecting against increased attacks.


Technology is being used to disrupt industries that were once seen as unchanging and create solutions that streamline processes and put more emphasis on the importance of creativity. While most would agree that this signals progress and the promise of more positive changes, it also create opportunities for criminals to exploit systems for their own personal gain. As part of an especially vulnerable industry, casinos need to wake up to impending threats and make sure they are doing everything possible to thwart attacks. This includes creating their own security strategies and making sure that they are partnering with other solution providers who share the same commitment to security.