FBI cybercrime investigator Frank Corral warned the casino industry at the World Gaming Protection Conference in Las Vegas on Thursday to remain highly vigilant against cyber threats, emphasizing that law enforcement will eventually catch the criminals and recover the ransom. Although he did not comment on specific cases, including the recent hacking of Wynn, he revealed that hackers are usually IT-savvy young people who obtain credentials through social engineering and typically lurk in the system for five months before launching an attack. In plain terms, the hackers have been hiding in the system, waiting for the right moment to strike.
Hacker tactics: From encryption ransom to leak threats, average ransom $2.73 million
Corral pointed out that hacker organizations are consolidating, with some developing malware and others purchasing access rights. The mode of operation has shifted from encrypting data for ransom to threatening to leak data for hush money. The average ransom demand is $2.73 million, but it can be negotiated down to $1 million. Although the FBI advises never to pay the ransom, the amount demanded is still rising. He specifically warned that search engine optimization poisoning is an emerging threat, and employees should not trust the top few links in search results.
Law enforcement results: $115 million recovered, British teenager arrested
Corral revealed that law enforcement has recovered $115 million from the suspected extortionist hacker group Scattered Spider. Last September, a British teenager related to the MGM attack case was arrested. He emphasized: "You may be hiding in another country, but eventually, we can track and arrest you." Corral stated that many people think hackers are overseas and cannot be caught, and the money cannot be recovered, but this is not the case; it just takes time. He also warned that the threat from internal employees is equally significant, especially former employees who can still access company systems after being fired. Business email compromise is the most common attack method in the gaming industry, with hackers obtaining credentials through social engineering by calling help desks. He reminded companies that any changes involving financial transactions should be verified by phone a second time, not just by email confirmation. Want to know the latest on casino cybersecurity? PASA official website keeps track.
————
This article is from "PASA-Global iGaming Leaders," a gambling industry news channel:https://t.me/pasa_news
Original in-depth gambling channel:https://t.me/gamblingdeep
Free data reports: @pasa_research
PASA Matrix: @pasa002_bot
PASA official website: https://www.pasa.news
