The agency warned of a high risk of cyber attacks on the gambling business.
The FBI is warning of the threat of cyberattacks using ransomware targeting casino servers. Criminals use legitimate systems management tools to increase their online privileges.
The agency says third-party service providers are a common attack vector. New attack trends include exploiting vulnerabilities to gain remote access to vendor-controlled casino servers and hacking companies through system management tools to escalate online privileges.
Beginning in 2022, the FBI noted ransomware attacks on casinos that were intended to encrypt servers and personal information of employees and customers.
The FBI alert also states that the Silent Ransom Group (Luna Moth) has been engaged in data theft and extortion since June using the Callback Phishing technique. The criminals trick the victim into calling the number under the pretext of having unpaid bills.
If a victim falls for the scam, SRG convinces them to install a remote system management tool, which is then used to install other legitimate utilities designed for malicious activities. Hackers then compromise local files and network shared drives, exfiltrate the victim's data, and extort money from companies.
The FBI recommends that organizations maintain external media backups that are encrypted and immutable for the entire company's data infrastructure. Implementing policies for remote access and running only known and trusted applications is also a step towards improving security. Among other things, the use of strong passwords and multi-factor authentication (MFA), as well as auditing and managing administrative privileges, are also recommended.
The FBI is warning of the threat of cyberattacks using ransomware targeting casino servers. Criminals use legitimate systems management tools to increase their online privileges.
The agency says third-party service providers are a common attack vector. New attack trends include exploiting vulnerabilities to gain remote access to vendor-controlled casino servers and hacking companies through system management tools to escalate online privileges.
Beginning in 2022, the FBI noted ransomware attacks on casinos that were intended to encrypt servers and personal information of employees and customers.
The FBI alert also states that the Silent Ransom Group (Luna Moth) has been engaged in data theft and extortion since June using the Callback Phishing technique. The criminals trick the victim into calling the number under the pretext of having unpaid bills.
If a victim falls for the scam, SRG convinces them to install a remote system management tool, which is then used to install other legitimate utilities designed for malicious activities. Hackers then compromise local files and network shared drives, exfiltrate the victim's data, and extort money from companies.
The FBI recommends that organizations maintain external media backups that are encrypted and immutable for the entire company's data infrastructure. Implementing policies for remote access and running only known and trusted applications is also a step towards improving security. Among other things, the use of strong passwords and multi-factor authentication (MFA), as well as auditing and managing administrative privileges, are also recommended.