Feeds

DON'T PANIC! No credit card details lost after hackers crack world's largest casino group

Las Vegas Sands email and website still down after hackers trash CEO Sheldon Adelson

Beginner's guide to SSL certificates

IT administrators at the Las Vegas Sands casino are having a tough time restoring their systems after hackers successfully got inside the corporation's firewall, but it appears that the most valuable sections of the network are safe, according to the Nevada Gaming Control Board.

Board chairman A.G. Burnett told Associated Press that the credit card database of customers at the world's largest gambling chain is secure, and that the integrity of the gambling systems run by the chain hasn't been breached, so no Ocean's 11–style antics are expected.

The problems for the casino started on Monday when the attackers took control of the company's website and posted an image of the consortium's US casinos in flames, along with a picture of CEO Sheldon Adelson with Israeli Prime Minister Benjamin Netanyahu and the message "Damn A, don't let your tongue cut your throat. Encouraging the use of weapons of mass destruction, under any conditions, is a crime."

Hackers deface the Las Vegas Sands website

Hardly a well-designed website

More worryingly, the hackers also added a scrolling list of employees, their email addresses, some social security numbers, and other identifying information. The Sands website is still down and a spokesperson confirmed to El Reg that the email systems still haven't been switched back on.

"While we have been able to confirm that certain core operating systems were not impacted by the hacking, the company remains focused on working through a step-by-step process to ascertain what, if any, additional systems may have been impacted," Sands spokesman Ron Reese said in a reported statement.

At first sight this looks like a politically motivated attack against Sheldon Adelson, the billionaire CEO of the Sands group. Adelson's biography reads like a Horatio Alger myth: the son of poor Ukrainian immigrants who became the ninth richest man in the world, and he's known in the technology industry as the founder of the COMDEX trade show, which he sold in 1995 for $862m.

Adelson also donates millions to American political campaigns – almost exclusively to the Republican Party and its candidates – and is somewhat outspoken on foreign policy issues in the Middle East. The hacker's message presumably refers to a comment he made suggesting the US should explode a nuclear weapon over uninhabited Iran's land as a precursor to negotiations over its nuclear program – a comment he later dismissed as hyperbole.

Defacing a website isn't too hard, and usually has minimal effect on the owners, but the fact that internal systems were broken into to is cause for concern. Seemingly innocuous hacking or DDoS attacks have been used in the past to mask deeper penetrations in the past, and computer forensics teams will be scouring through server logs to find out exactly what happened.

Nevada gaming officials are investigating the attack at the moment, and the FBI is also reported to be looking into the case. Neither was available for comment at time of going to press. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.