Saturday, March 26, 2022

9 Golden Tips To Stay Cyber Safe In The Online Betting World

 


With the threat of COVID-19 now decreasing here in the United States for a short period of time, and with summer coming up, many people are now planning their vacations.  Some will prefer to stay closer to home, while others will want to travel even further away to places that they have never been to before.  As for me, I have some road trips planned later on.

But one thing is for sure: over the last two years, people have saved some serious money by pretty much working from home and cutting back on going out, in an effort not to get the virus.  So with this newfound money, people are looking for other ways to spend their dough.

In fact, the casino and online gambling industries will probably see a huge uptick.  Gambling on your favorite sports teams, or even placing bets, can be done in a variety of different ways.  For example, you can visit Las Vegas and visit the brick-and-mortar places, or you can simply use the mobile apps on your wireless devices.

But whichever way you choose to spend that extra dough, be careful.  To the Cyberattacker, this is just yet another arena that they can tap into, because in all honesty, the security systems are still not up to par, at least with regards to protecting digital assets.

For instance, the gambling industry brought in a total of $53 billion, which is a staggering 76.7% growth rate.  The online version of gambling garnered about $3.71 billion, which represents a 614% growth rate.

Although casinos have a large amount of cash on hand to fulfill the bets placed, quite surprisingly there have been no large-scale robbery attempts.  Probably the main reason for this is that physical access security has long been a huge concern for this industry, so the appropriate controls have been put into place.

But now, the focus has to be placed upon training your staff and customers against the digital form of attacks.  How can you get started on this, if you are a casino or online betting platform owner?  Here are some tips:

1)     Segment out the network:

In the end, all of the devices that are found in a casino are interconnected, and literally form one huge Internet of their own.  While having this kind of configuration might keep things easy from a management standpoint, it is just one huge attack surface for the Cyberattacker.  For example, most casinos still use Perimeter Security, and if a hacker were to break through that, he or she will have access to everything.  Instead, do what the rest of Corporate America is trying to do:  Break up your entire network into smaller ones.  This is technically known as “Subnetting”.  The idea here is that each little segment will have its own layer of protection, and if a Cyberattacker were to break through, there is only so far that they can go.  But don’t ever attempt to go at this alone; get the help of an MSSP to do this.  The main benefit of this is that not only will they do the proper subnetting for you, but they can keep an eye on your IT and Network infrastructure on a 24 X 7 X 365 basis, and alert you in real time if there is a potential security breach that is occurring.
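To make the segmentation idea concrete, here is an added example (not part of the original post) that carves one address block into per-zone subnets and checks flows against a default-deny allow-list. The address block, zone names, and permitted flows are hypothetical values chosen for illustration.

```python
import ipaddress

# Assumed for illustration: the address block and zone names are
# hypothetical, not taken from any real casino network.
SITE_BLOCK = ipaddress.ip_network("10.20.0.0/16")
ZONES = ["gaming_floor", "payments", "cctv", "guest_wifi", "back_office"]

# Only these (source zone, destination zone, port) flows are permitted.
ALLOWED_FLOWS = {
    ("gaming_floor", "payments", 443),
    ("back_office", "cctv", 554),
    ("back_office", "payments", 443),
}

def plan_segments(block, zones, prefix=24):
    """Give each zone its own subnet carved out of the site block."""
    subnets = block.subnets(new_prefix=prefix)
    return {zone: next(subnets) for zone in zones}

def zone_of(ip, plan):
    """Return the zone whose subnet contains ip, or None if unassigned."""
    addr = ipaddress.ip_address(ip)
    for zone, net in plan.items():
        if addr in net:
            return zone
    return None

def is_allowed(src_ip, dst_ip, port, plan):
    """Default-deny check for a flow between two addresses."""
    src, dst = zone_of(src_ip, plan), zone_of(dst_ip, plan)
    if src is None or dst is None:
        return False            # unknown address: deny
    if src == dst:
        return True             # traffic that stays inside one segment
    return (src, dst, port) in ALLOWED_FLOWS

PLAN = plan_segments(SITE_BLOCK, ZONES)

if __name__ == "__main__":
    for zone, net in PLAN.items():
        print(f"{zone:13} {net}")
    # A device on guest Wi-Fi trying to reach the payments segment is denied.
    print(is_allowed("10.20.3.57", "10.20.1.10", 443, PLAN))
```

In a real deployment the same allow-list would be enforced by firewalls or ACLs between the segments; the script only models the policy decision.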

2)     Install more sophisticated monitoring:

Not only should you have security guards keeping an eye on things, but you also need to get a bird’s eye view as well.  In this regard, consider deploying CCTV cameras at strategic locations.  Although this is a fairly common practice, the difference here is that you should get those cameras that have Biometrics implemented into them, such as that of Facial Recognition (FR).  For instance, if you spot somebody suspicious, you can compare those images with the FR system on a real time basis.  If you can, try to take it even one step further.  Try also to find those technologies that have Computer Vision embedded into them as well.  All of these layers will provide an irrefutable piece of evidence against the suspect you have just apprehended.

3)     Online is the way to go:

As was stated before, many people are now placing sports related bets straight from the comfort of their wireless devices.  But this takes a mobile app which you have to create.  Mobile apps have long been a favored target for the Cyberattacker, because the coding that goes into creating them is often unchecked for any security holes or vulnerabilities.  Therefore, if you are creating a mobile app especially for this, you have to take the responsibility to make sure that the source code you compile is safe and secure, and you have to convince your customers of that as well.  If possible, try to use the Apple Store to upload your betting apps, as they have very stringent security measures, thus providing an extra layer of assurance to your customer.

4)     Have training programs:

Before your customers enter your brick-and-mortar location, or even place bets online, it should be a requirement that they have some sort of security awareness training.  Now, this does not have to be anything like a corporate based security awareness training program for employees, but even a short, ten-minute orientation will do.  In these training programs, you should teach your customers what to look out for in case they see anything suspicious, and have them report that ASAP.  In this regard, you should also have a dedicated 24 X 7 X 365 hotline for such kinds of incident reporting.

5)     Customers have a role too:

The customers of gambling and online betting also have a key responsibility here.  For example, they should keep a close eye on their accounts, and immediately report any kind of fraudulent activity.  Also, Phishing still remains the favored attack vector, so your customers need to be aware of what to look out for, and delete anything that is suspicious.  Also, do not download any attachment or click on a link that you do not know!!!  If you have any doubts about an email that you received, always contact the sender to see if they really sent it.

My Thoughts On This:

Other tips that you should consider using:

*Watch for repeated, failed login attempts.

*Always use Multifactor Authentication (MFA) as you break out your network into smaller ones.

*Keep an eye out for any account takeover attempts.

*Offer a One Time Password (OTP) to diminish the risk of SIM card swapping.
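As an added example (not part of the original post), the sketch below shows one way to watch for repeated failed logins and for a successful login that follows such a burst, which is a common sign of account takeover. The log format, account names, threshold, and window are assumptions, and the log lines are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth events: time, account, source IP, result.
SAMPLE_LOG = """\
2022-03-26T10:00:01 alice 198.51.100.7 FAIL
2022-03-26T10:00:09 alice 198.51.100.7 FAIL
2022-03-26T10:00:15 bob 192.0.2.44 FAIL
2022-03-26T10:00:20 alice 198.51.100.7 FAIL
2022-03-26T10:00:31 alice 198.51.100.7 FAIL
2022-03-26T10:00:40 alice 198.51.100.7 FAIL
2022-03-26T10:01:02 bob 192.0.2.44 OK
2022-03-26T10:02:10 alice 203.0.113.9 OK
"""

THRESHOLD = 5                      # assumed: failures that trigger an alert
WINDOW = timedelta(minutes=5)      # assumed: sliding window length

def detect(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return alerts for failure bursts and for logins that follow one."""
    failures = defaultdict(deque)   # account -> times of recent failures
    flagged = {}                    # account -> time the burst was detected
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                # skip malformed lines
        when = datetime.fromisoformat(parts[0])
        account, ip, result = parts[1:]
        recent = failures[account]
        while recent and when - recent[0] > window:
            recent.popleft()        # drop failures outside the window
        if result == "FAIL":
            recent.append(when)
            if len(recent) >= threshold and account not in flagged:
                flagged[account] = when
                alerts.append(("repeated_failures", account, ip))
        elif result == "OK":
            if account in flagged and when - flagged[account] <= window:
                alerts.append(("possible_takeover", account, ip))
            flagged.pop(account, None)
            recent.clear()
    return alerts
```

On the sample data, `detect(SAMPLE_LOG)` flags the burst of failures against `alice` and then the successful login from a different address shortly afterwards, while `bob`'s single mistyped password raises nothing.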

Once again, the best line of defense is to simply be proactive.  Always trust your gut.  If something doesn’t feel right, then it probably isn’t.
