Inside Asian Gaming, March 2015

DDoS is now regularly used as part of cyber extortion schemes, in which a criminal shuts down a company’s website or network and demands a ransom payment in order to stop.

Cyber Security

Here are some key steps casinos should take to protect themselves:

• Establish a DDoS policy — It’s imperative for casinos to have a policy in place that prepares the company in advance for a DDoS attack (including both mitigation and recovery), guides its decision-making process during the heat of battle and educates employees as to the risks this type of attack poses. It should answer questions such as: What will the casino do to inform/reassure customers? How will it maintain normal business operations during an attack?

• Know how to spot DDoS — Believe it or not, a common mistake organizations make when attacked by DDoS is that they fail to realize it’s even happening. Often, DDoS incidents are initially believed to be network or software glitches, and companies lose valuable time trying to narrow down the source of the problem. Time is critical in a DDoS attack, so it’s important for all casinos to establish a baseline of normal network traffic so that they can quickly compare it with anomalies in network behavior.

• Know who to call — Every casino should have a list of emergency contacts it can turn to in the event of an attack that is beyond its ability to respond. For example, a third-party DDoS mitigation service will be helpful at rerouting traffic and scrubbing out illegitimate traffic. In addition to having technical assistance just a call away, a casino should also know the proper government, legal and regulatory entities it can turn to for advice and recommendations.

• Conduct a simulated DDoS attack — DDoS “black-box” testing is now an essential part of cyber-security planning, as it allows a company to see how its network will behave under real-world attack conditions and whether the defensive measures it has in place are sufficient to quickly mitigate multiple types of highly advanced DDoS attacks. It’s important for these tests to be performed in a controlled environment by a qualified DDoS black-box testing service.

• Preventing secondary attacks — Casinos should avoid key mistakes often made during a DDoS crisis, which can enable a secondary attack. For example: don’t overlook alerts issued by the monitoring system, and be cautious of any other unusual activity on the network.

It’s important for casinos to take the threat from DDoS attacks seriously. DDoS attacks can be beaten, but to do so, casinos and other organizations will have to get serious and prepare in advance.

Reprinted with permission from Casino Journal.

Sahba Kazerooni is managing director of Security Compass, a cybersecurity firm specializing in DDoS testing and web/mobile application security for the retail, finance, technology, health and energy industries. He can be reached at www.securitycompass.com.
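
To make the "Know how to spot DDoS" step concrete, here is an added example (not from the article or from Security Compass) that builds a per-hour baseline of requests per minute and alerts only on sustained deviations from it. The function names, the thresholds (`z_limit`, `min_run`) and all traffic figures are assumptions constructed for illustration.

```python
from statistics import median

def build_baseline(history):
    """history: (hour_of_day, requests_per_minute) pairs -> {hour: (median, MAD)}."""
    by_hour = {}
    for hour, rpm in history:
        by_hour.setdefault(hour, []).append(rpm)
    baseline = {}
    for hour, vals in by_hour.items():
        med = median(vals)
        mad = median([abs(v - med) for v in vals])
        baseline[hour] = (med, max(mad, 1.0))  # floor keeps a flat history from dividing by zero
    return baseline

def robust_z(baseline, hour, rpm):
    """Deviation from that hour's median, in MAD-based standard-deviation units."""
    med, mad = baseline[hour]
    return (rpm - med) / (1.4826 * mad)

def sustained_anomalies(baseline, samples, z_limit=6.0, min_run=5):
    """samples: contiguous (minute, hour, rpm). Returns (start, end, peak_rpm) for each run
    of at least min_run consecutive minutes above the limit; shorter spikes are ignored."""
    runs, current = [], []
    for minute, hour, rpm in list(samples) + [(None, None, None)]:  # sentinel flushes last run
        if minute is not None and robust_z(baseline, hour, rpm) > z_limit:
            current.append((minute, rpm))
            continue
        if len(current) >= min_run:
            runs.append((current[0][0], current[-1][0], max(r for _, r in current)))
        current = []
    return runs

# Constructed data: one week of requests/minute observed at 03:00 and at 20:00.
HISTORY = [(3, v) for v in (100, 120, 110, 90, 105, 115, 95)] + \
          [(20, v) for v in (950, 1000, 1020, 980, 1050, 1010, 990)]
BASELINE = build_baseline(HISTORY)

# Constructed 03:00 window: a one-minute blip, then seven minutes of elevated traffic.
SAMPLES = [(0, 3, 110), (1, 3, 400), (2, 3, 100)] + \
          [(m, 3, r) for m, r in zip(range(3, 10), (700, 850, 900, 950, 920, 910, 880))] + \
          [(10, 3, 115)]

if __name__ == "__main__":
    for start, end, peak in sustained_anomalies(BASELINE, SAMPLES):
        print(f"sustained anomaly: minutes {start}-{end}, peak {peak} req/min")
    print("950 req/min at 20:00 scores z =", round(robust_z(BASELINE, 20, 950), 1))
```

The same 950 requests per minute is unremarkable against the 20:00 baseline but far outside the 03:00 one, which is why a single static threshold tuned for peak hours would miss it.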
