Straight out of a heist movie
The scene comes straight out of a heist movie, but with one exception: in the current casino heist trend, the robbers never set foot in the casino. Instead, cyber hackers make casinos and online gambling operators frequent targets by using ransomware. They first hack into a casino’s systems and then demand ransom to restore the casino’s access to its own database and functions.
as many as seven out of ten cyberattacks in 2023 were for ransom
The ransom business is highly profitable. Statista reports that as many as seven out of ten cyberattacks in 2023 were for ransom, recording over 317 million attempts that resulted in a significant increase in ransom collection between 2022 to 2023 – from $457m to $1.1bn.
For example, as we covered extensively in 2023, a major attack on MGM Resorts cost the company more than $100m. Pretending to be an employee requesting a password change, a hacker called the company’s tech support team. Within ten minutes, the hacker had gained access to MGM’s systems.
New ransomware attack
In a more recent example this past weekend, Kewadin Casinos uncovered a security breach that led to the company shutting down all gaming operations until the hack can be fixed. The company is owned by the Sault Ste. Marie Tribe of Chippewa Indians, which operates casinos in Sault Ste. Marie, St. Ignace, Manistique, Christmas, and Hessel, all on Michigan’s Upper Peninsula.
As of February 17, 2025, all locations and gaming operations have been suspended while the company attempts to resolve the issue. Tribal Chairman Austin Lowes told WLUC that in this case, the ransomware attack involved the hacker encrypting the company’s files, making them impossible to access. The hackers are now demanding a ransom for decryption.
the hack has resulted in Kewadin being unable to access the company’s systems
The company’s website states that the hack has resulted in Kewadin being unable to access the company’s systems or central phone lines. The casino has been forced to offer a separate phone line for hotel guests to request refunds for current hotel reservations.
In a statement on Facebook, Kewadin management stated: “We immediately enlisted the help of third-party experts to determine how this incident was caused and to restore our gaming operations as quickly as possible. That investigation is ongoing. We understand that this is inconvenient and unexpected news. Please know our experts are working around-the-clock to restore gaming operations. We apologize for this inconvenience.”
Casinos fight back
While ransomware attacks have continued, casinos have learned how to fight back with an unusual method: they simply don’t pay the ransom. Sounds surprising, but in the fourth quarter of 2023, as few as 29% of global ransomware attacks resulted in a ransom payment. The payment percentage represents a sharp decrease from 41% in 2023, with the average amount paid sliding from $850k to just under $570k.
