Cyber attack hits Tasmanian casinos
A cyber attack is to blame for Tasmania’s lone casino operator’s poker machine and hotel booking system outage, which has lasted for more than a week.
The ABC reports that Federal Group director Daniel Hanna said the cyber incident that shut down poker machines at its Wrest Point and Country Club casinos since April 3 had involved ransomware.
United Workers Union casino organiser Dario Mujkic said it was common knowledge amongst the casino workforce that a ransomware attack had occurred, with multiple staff having seen a message seeking the payment of cryptocurrency.
Ransomware is a type of malware that encrypts a target’s files, with the attacker then demanding a ransom to be paid before it will restore access to the files, normally to be paid using Bitcoin or another type of cryptocurrency.
Dr Hanna said the incident had been contained due to the hard work of its team and external experts, but did not answer when poker machines and hotel check-in services, at accommodation including Wrest Point, the Country Club, Sapphire Freycinet, MACq 01 and the Henry Jones Art Hotel would be able to resume.
“The Australian Cyber Security Centre was notified and is coordinating relevant law enforcement agencies and continued forensic analysis,” Dr Hanna said.
“Federal Group has at all times complied with legal and regulatory requirements related to the incident.”
“The incident is being actively investigated by Federal Group and external experts we have retained, with the cooperation and involvement of relevant authorities who are assisting and as such, we cannot comment further at this stage.”
Personal and credit card details could have been compromised
Multiple former IT employees at Federal Group told the ABC they believed historic credit card details stored in the hotel booking system could have been compromised, as well as the electronic gaming systems at both casinos.
Dr Hanna did not respond to questions about whether personal or credit card information of customers had been compromised, but said unions and other individuals who commented on the incident “are not involved in the investigation or appraisal of all relevant information, and cannot be relied on to provide accurate information”.
An extended poker machine outage at casinos would come at a considerable financial cost to Federal Group.
According to electronic gaming machine expenditure data collected by Tasmania’s Liquor and Gaming Commission, patrons spent $53.7 million on poker machines at Federal Group’s two casinos and on the Spirit of Tasmania during the last eight months, with an average monthly expenditure of $6.7 million.
Under federal legislation, any organisation covered by the Privacy Act must notify the Office of the Australian Information Commissioner and any affected individuals of a data breach when it is “likely to result in serious harm to an individual whose personal information is involved”.
Federal Group did not answer whether it had notified the OAIC of a notifiable data breach.
The Australian Federal Police said it was aware of the incidents impacting Federal Group, but had not received any reports relating to them and was not investigating the matter.
International privacy and security consultant Terry Aulich, a former federal senator and Tasmanian minister, said gaming and gambling organisations would be “high on the list” to be targeted by hackers.
Mr Aulich did not comment directly on the Federal Group hack but said restoring services for a victim of ransomware could take several weeks.
“Cash-based or financially sophisticated organisations like casinos are going to be a target of attacks and they can be very sophisticated, because it’s the old system,” he said.
“Once you have a honeypot then it’s worth the while of hackers and other bad players to build up a sophisticated attack mechanism and that’s their major problem.”
“Young kids are not going to have a go at you if you’re a casino, but it’s groups of major crooks that are going to be your enemy.”
Mr Aulich said he was “extremely disappointed” with the sophistication of Tasmanian business’ cyber defences, as well as the effort they put into them.
Premier Peter Gutwein said the cyber incident was “challenging” but said Federal Group was doing all it could to restore its service.