Cybersecurity Expert Offers Advice After Gateway Casinos Ransomware Attack
Friday, 14 July 2023Gateway Casinos and Entertainment announced on April 16th, 2023, that it was the victim of a cyber-attack and as a result, it was suspended for two weeks.
Gateway Casinos and Entertainment became the target of a cyber-attack and ceased operations for two weeks. According to technology analyst and journalist Carmi Levy, the blow to Ontario's land-based gambling industry has shown the need for companies to invest more time and resources in cybersecurity and employee training.
Recommended Safe Ontario Online Casino Sites
The Cyber-Attack
Gateway Casinos and Entertainment operates 14 gaming locations across Ontario. On April 16th, it announced that it had been the victim of a cyberattack and that it would suspend gambling activities for more than two weeks. As a result, on April 17th, the company closed all of its Ontario locations. They would not be opened until April 29th.
In an email sent to customers on April 22, the company confirmed that it had been the target of a ransomware attack but denied that employee and customer data had been leaked.
"We are continuing to work with third-party experts on a 24/7 basis to determine if there has been any impact on personal information in this case," the email said.
A week later, on April 29th, Gateway Casinos and Entertainment announced that it was beginning the phased reopening of its land-based sites following the attack and assured that all government institutions had been contacted.
"We want to reiterate that we have notified the relevant privacy officials, law enforcement, and government regulators about the cyber incident."
What Does the Expert Say?
In a recent interview, technology analyst and journalist Carmi Levy stated that ransomware attacks have become increasingly sophisticated and frequent. In his capacity as an expert, Levy explained that cybercriminals usually send phishing emails that appear to be legitimate to the organization and its employees.
The purpose of the email is to encourage the recipient to download the attachment that infects the organization's machine and network, thereby gaining access to it. At the same time, ransomware locks the data of the person and the organization and requires payment to unlock it, which most often has to be done in cryptocurrency.
Levy noted that it is wrongly believed that the problem is technological since at its core it is rather a problem with human resources and their lack of training. The expert added that there is no guarantee that cybercriminals will unlock the data.
"We think of ransomware as a technology issue, but it's a human resources issue. A training issue," he claimed.
To recover from a ransomware attack, organizations must find previous backups, which is a time-consuming process. He added that in most cases, organizations realize that their backups are not as good and efficient as they thought.
"In many cases, a lot of organizations find out after they've been attacked by ransomware that their backups weren't quite as effective as they should have been," Levy said.
When asked what he thought was the key to solving the problem, Levy was adamant that as cybercriminals become more sophisticated, the best defence against cyber-attacks is investing in better education on the subject.
"This is not a time for any organization to stick its head in the sand. (...) This is a time to go public about how their culture is going to be strengthened to prevent this from happening in future", he said.
In conclusion, the expert indicated that it is necessary for companies and organizations to make the process more transparent in the case of such cyber-attacks. It should be clear if there is a leak of personal data and if it has been compromised in any way. Levy cited past campaigns on driving, drinking, and safe sex as examples of successful efforts that can inspire the public to take care of their safety online.
In early May, Gateway Casinos and Entertainment gradually began to return to normal operations, opening its 14 locations across Ontario. This Ransomware attack served as a warning to all land-based gambling companies that they need to invest in cybersecurity training for their staff and take extra measures to protect personal data like the best Ontario online casinos do.