After a virtual-only that 2020 was, thousands flock to Las Vegas for the Black Hat conference. The cream of the infosec, however, should take note. Researchers claim to have found critical vulnerabilities within the IT systems of major casinos around the city of sins.
Hacking-related shenanigans are nothing new in the 24-year long history of the Black Hat event. With thousands of techies in one place, someone’s going to try to hack something eventually. This instance, however, seems different.
Researchers from Reposify, a cybersecurity company, claim to have identified multiple exposures in the IT networks of Las Vegas’s leading casinos. That could be a problem as, before the pandemic, Black Hat attracted around 20 thousand people, many of whom spend their evenings roaming the city where the conference takes place.
Not that attempts to steal data from the casinos should come as a surprise. In the light of multiple multi–million–dollar ransomware attacks, Nevada Gaming Control Board (NGCB) warned casino operators to be prepared for possible cyber-attacks.
We can say with certainty that the types of vulnerabilities discovered had the potential to result in financial losses and exposure of sensitive information including personal information of customers,
company spokesperson told CyberNews.
Vulnerabilities overlooked
Researchers claim to have used an External attack surface management (EASM) platform to look for any security issues that might catch attackers’ attention. The search was not in vain. For example, one of the discovered exposures was in the network perimeter of a leading Las Vegas casino.
A stack trace of the casino’s purchasing system allowed researchers to access information about the casino’s backend architecture and other highly sensitive data. Researchers claim that threat actors can leverage exposed stack traces to gain access into a casino’s internal networks.
A different case involved discovering a Microsoft Exchange server with several critical vulnerabilities, researchers assigned to the highest CVSS 10 category. These vulnerabilities allow malicious actors to gain domain administrator rights and execute code attacks in the worst-case scenario. That could potentially wreak havoc in casinos’ internal systems.
“If attackers managed to gain access to this server, which they could easily do by exploiting the several vulnerabilities this server had, they would be able to see all internal and external communications, launch phishing and ransomware attacks, among others,” Repsoify’s spokesperson told CyberNews in an email.
According to the researchers, one of the casinos did not use multi-factor authentication for logging in to a firewall system, leaving a critical part of security open to credential stuffing and brute force attacks.
“We can say with certainty that the types of vulnerabilities discovered had the potential to result in financial losses and exposure of sensitive information including personal information of customers,” the spokesperson explained.
The company could not disclose the names of the affected casinos and did not know whether discovered vulnerabilities were exploited or not. Casinos with holes in their IT systems were informed about the findings of the research.
More from CyberNews:
Iran threat actor Charming Kitten has exfiltrated 2TB of victims’ data since 2018
When Hacking Competitions Are Used For National Advantage
Dumping yards are treasure to malicious hackers
Trash panda as a service: Raccoon Stealer in pursuit of cookies, passwords and cryptocoins
Subscribe to our newsletter
