With the threat of COVID-19 now decreasing here in the United States for a short period of time, and with summer coming up, many people are now planning their vacations. Some will prefer to stay closer to home, while others will want to travel even further away, to places that they have never been to before.
As for me, I have some road trips planned later on.
But one thing is for sure: over the last two years, people have saved some serious money by pretty much working from home and cutting back on going out, in an effort not to get the virus. So with this newfound money, people are looking for other ways to spend their dough.
In fact, the casino and online gambling industries will probably see a huge uptick. Gambling on your favorite sports teams, or even placing bets, can be done in a variety of different ways. For example, you can travel to Las Vegas and visit the brick-and-mortar places, or you can simply use the mobile apps on your wireless devices.
But whichever way you choose to spend that extra dough, be careful. To the Cyberattacker, this is just another arena that they can tap into, because in all honesty, the security systems are still not up to par, at least with regards to protecting digital assets.
For instance, the gambling industry brought in a total of $53 billion, which is a staggering 76.7% growth rate. The online version of gambling garnered about $3.71 billion, which represents a 614% growth rate.
Although casinos have a large amount of cash on hand to fulfill the bets placed, quite surprisingly there have been no large-scale robbery attempts. Probably the main reason for this is that physical access security has long been a huge concern for this industry, so the appropriate controls have been put into place.
But now, the focus has to be placed upon training your staff and customers about the digital form of attacks. How can you get started on this, if you are a casino or online betting platform owner? Here are some tips:
1) Segment out the network:
In the end, all of the devices that are found in a casino are interconnected, and literally form one huge Internet of their own. While having this kind of configuration might keep things easy from a management standpoint, it is just one huge attack surface for the Cyberattacker. For example, most casinos still use Perimeter Security, and if a hacker were to break through that, he or she will have access to everything. Instead, do what the rest of Corporate America is trying to do: Break up your entire network into smaller ones. This is technically known as “Subnetting”. The idea here is that each little segment will have its own layer of protection, and if a Cyberattacker were to break through, there is only so far that they can go. But don’t ever attempt to go at this alone; get the help of an MSSP to do this. The main benefit of this is that not only will they do the proper subnetting for you, but they can also keep an eye on your IT and Network infrastructure on a 24 X 7 X 365 basis, and alert you in real time if there is a potential security breach that is occurring.
2) Install more sophisticated monitoring:
Not only should you have security guards keeping an eye on things, but you also need to get a bird’s eye view as well. In this regard, consider deploying CCTV cameras at strategic locations. Although this is a fairly common practice, the difference here is that you should get those cameras that have Biometrics implemented into them, such as that of Facial Recognition (FR). For instance, if you spot somebody suspicious, you can compare those images with the FR system on a real time basis. If you can, try to take it even one step further. Try also to find those technologies that have Computer Vision embedded into them as well. All of these layers will provide an irrefutable piece of evidence against the suspect you have just apprehended.
3) Online is the way to go:
As it was stated before, many people are now placing sports related bets straight from the comfort of their wireless devices. But this takes a mobile app which you have to create. Mobile apps have long been a favored target for the Cyberattacker, because the coding that goes into creating them is often unchecked for any security holes or vulnerabilities. Therefore, if you are creating a mobile app especially for this, you have to take the responsibility to make sure that the source code you compile is safe and secure, and you have to convince your customers of that as well. If possible, try to use the Apple Store to upload your betting apps, as they have very stringent security measures, thus providing an extra layer of assurance to your customer.
4) Have training programs:
Before your customers enter your brick-and-mortar location, or even place bets online, it should be a requirement that they have some sort of security awareness training. Now, this does not have to be anything like a corporate based security awareness training program for employees; even a short, ten-minute orientation will do. In these training programs, you should teach your customers what to look out for in case they see anything suspicious, and have them report that ASAP. In this regard, you should also have a dedicated 24 X 7 X 365 hotline for such kinds of incident reporting.
5) Customers have a role too:
The customers of gambling and online betting also have a key responsibility here. For example, they should keep a close eye on their accounts, and immediately report any kind of fraudulent activity. Also, Phishing still remains the favored attack vector, so your customers need to be aware of what to look out for, and delete anything that is suspicious. Also, do not download any attachment or click on any link that you do not know!!! If you have any doubts about an email that you received, always contact the sender to see if they really sent it.
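To make tip 1 concrete, here is an added example (not part of the original post) that carves one address block into a subnet per zone, applies a default-deny rule set between zones, and compares how far an intruder can move on a flat network versus a segmented one. The address block, zone names and permitted flows are constructed assumptions.

```python
import ipaddress
from collections import deque

# Constructed values: the address block, zone names and flows are assumptions.
SITE = ipaddress.ip_network("10.20.0.0/16")
ZONES = ["gaming_floor", "pos_cashier", "cctv", "guest_wifi", "back_office"]
# Default deny between zones; only these (source, destination) flows pass.
ALLOWED = {("gaming_floor", "back_office"),
           ("pos_cashier", "back_office"),
           ("back_office", "cctv")}

def plan_subnets(site=SITE, zones=ZONES, new_prefix=24):
    """Carve one subnet per zone out of the site block."""
    return dict(zip(zones, site.subnets(new_prefix=new_prefix)))

def zone_of(ip, plan):
    """Return the zone whose subnet contains ip, or None if it is off-plan."""
    addr = ipaddress.ip_address(ip)
    return next((z for z, net in plan.items() if addr in net), None)

def flow_allowed(src_ip, dst_ip, plan, allowed=ALLOWED):
    """Same-zone traffic passes; cross-zone traffic needs an explicit rule."""
    src, dst = zone_of(src_ip, plan), zone_of(dst_ip, plan)
    if src is None or dst is None:
        return False  # unknown addresses are denied
    return src == dst or (src, dst) in allowed

def flat_policy(zones=ZONES):
    """Perimeter-only network: every zone can talk to every other zone."""
    return {(a, b) for a in zones for b in zones if a != b}

def reachable_zones(start, allowed, zones=ZONES):
    """Zones an intruder in `start` can reach by chaining permitted flows."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for z in zones:
            if z not in seen and (cur, z) in allowed:
                seen.add(z)
                queue.append(z)
    return seen

if __name__ == "__main__":
    plan = plan_subnets()
    for zone, net in plan.items():
        print(f"{zone:13} {net}")
    for name, policy in (("flat", flat_policy()), ("segmented", ALLOWED)):
        print(name, sorted(reachable_zones("guest_wifi", policy)))
```

With the flat policy a foothold on the guest Wi-Fi reaches every zone; with the segmented policy it stays confined to the guest Wi-Fi subnet.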
My Thoughts On This:
Other tips that you should consider using:
*Watch for repeated, failed login attempts.
*Always use Multifactor Authentication (MFA) as you break out your network into smaller ones.
*Keep an eye out for any account takeover attempts.
*Offer a One Time Password (OTP) to diminish the risk of SIM card swapping.
Once again, the best line of defense is to simply be proactive. Always trust your gut. If something doesn’t feel right, then it probably isn’t.