Ransomware Attack on Tasmania Pokie Machines
The lone casino operator of Tasmania, a firm by the name of Federal Group was on the unfortunate receiving end of a catastrophic ransomware attack this month. The cyberattack has left the region’s Pokie machines completely out of order. Investigators are coming through the metadata looking for any possible clues or traces of whom may be behind the attack. Hotel booking systems in the area are also said to be out of service.
Cyber security represents one of the most important departments in modern-day casinos. In Tasmania, Australia there is a severe lack of expertise in the field, particularly in the gaming sector, which has in turn led to a heightened focus on the region by cyber criminals. ©geralt/Pixabay
Since April 3rd the Federal Group business has been under assault from an unknown actor or malicious group targeting the critical computer systems of the business. Pokie machines at the Wrest Point and Country Club casinos have become completely un-operational due to the ongoing cyber attack, and moreover, customer booking systems for the hotel and leisure side of the business have also become defunct during the attack.
According to the staff at the casino, it is common knowledge that a ransomware attack has occurred. United Workers Union has already made a statement on the incident, with their leading figurehead telling ABC News reporters that IT systems displayed a message requesting a cryptocurrency payment shortly after crashing.
Ransomware is a destructive type of malware that encrypts data on an infected IT system, the targets are then coerced into making payments to the hacker in cryptocurrency under the pretext that they will regain access to lost data. Although, as is common in most cases the data is never returned to the target even after they make ransom payments.
External Experts Sent In to Assist with Inquiries
Working closely alongside the Federal Group engineers is a team of forensic analysts and experts from various government agencies and private firms. Due to the hard work of this highly talented team of experts, the incident is now contained and there is no possibility of the malware infecting any other parallel systems.
Whilst this incident has been effectively stopped dead in its tracks, serious questions remain over how the next steps will go. The main issue currently being contended with is whether or not to fulfill the ransom demands. It is unlikely that the team will choose this option as it will likely encourage further attacks of a similar nature.
Local law enforcement agency, The Australian Cyber Security Centre have been notified, and are coordinating with the necessary local agents to root out any similar vulnerabilities in these legacy systems. The direct cause of the attack is still unclear, and combing through the server logs and trying to narrow down the exact cause of this issue is something that will need to be investigated properly over the coming weeks.
According to investigators, the ransomware attack is not the limit of the intrusion. Legacy databases containing customer details such as name, address, and credit card numbers are also believed to have been captured by the hacker. In most modern systems this data is only stored after extensive encryption efforts are made on the raw data. But unfortunately, the Federal Group systems were not designed with such complex precautions in mind.
More Tasmanian Companies Could Be Targeted
Gambling and gaming companies based in Tasmania are high-value targets for nefarious cyber actors operating in the region. Each successful ransomware attack only serves to exacerbate the problem and encourage those perpetrators behind the attacks to keep pushing forward with their strategies. Oftentimes these groups are linked to organized crime and pursue these tactics as an easy and relatively low-risk revenue earner.
Cash-based companies like casinos are always going to be highly vulnerable to these types of attacks in Tasmania, there is a high risk that criminals will continue to carry out this activity whilst the profit incentive is so prevalent. It will be the work and focus of cyber-security specialists being consulted by these companies to sure up the old systems and help defend them from future infiltrations.
Cybercriminals operating in Australia seem to have figured out that Tasmania is a place with a disproportionately high number of poorly protected legacy systems. This is hugely problematic for the long-term stability of the region as a business and commerce hub. The local government continues to pay close attention to these issues and will hopefully find a working solution to prevent further ransomware attacks in the next few months.
