Crown Casino loses $32m in IT security breach

9

blog Well, you don’t see one of these every day; in fact, outside of the fictional world of Ocean’s Eleven, you don’t tend to see this kind of story at all, let alone in Australia. The ABC reports that a high-roller gambler has scammed Melbourne’s Crown Casino of $32 million, with what looks to be the assistance of the casino’s own in-house surveillance system. The ABC reports (we recommend you click here for the full article):

Barron Stringfellow, an international gambling security consultant who trains regulatory authorities in Victoria, says it appears the high roller and his accomplice tapped into Crown’s security systems. “Then, through a wireless transmission to his ear during his eight hands of play, he was told exactly what plays would be beneficial to make,” he told ABC local radio.

Frankly, we can’t help but find this kind of thing incredible. An organisation as large as Crown should have very stringent security controls around all aspects of its business. If a dedicated gambler with some help from the inside was able to break through those controls this easily, one suspects Crown has a great deal of work to do to secure it’s IT infrastructure. Perhaps it’s time Crown got the big guns over from Vegas to help it lockdown its systems?

Image credit: Christian Ferrari, royalty free

9 COMMENTS

  1. From what I’ve heard, it was the other players that lost the cash. Crown was making the money out of renting the room and the dealer. Private game, so no losses to Crown other than reputation.

    I’ve also heard from “various sources” that it’s not so uncommon to find IP cameras hooked directly up to the internet. Apparently, not everyone is security-conscious, which makes me wonder what’s going on at Crown.

    • That would make sense, although surely Crown would also have been taking a cut from the bets. In any case, it’s a huge disaster for Crown.

    • “I’ve also heard from “various sources” that it’s not so uncommon to find IP cameras hooked directly up to the internet.”

      Although the media likes to throw around the term “CCTV”, the truth is many camera systems these days are hooked up to the internet. they are no longer closed circuit. I suppose you could completely physically segment off a network just to run IP cameras…

      • I wasn’t talking about closed circuit vs LAN, but more like plugging the address of the camera into your web browser and view the camera’s video feed directly on the public Internet. It’s not really much different to all the network printers that are accessible via their IP on the public Internet.

  2. Another article states the the casino is in a “good position” to recover the cash, and that the gambler was busted mid game, ejected (along with his family who were at the hotel) on to the street, and his ‘VIP handler” fired. There will likely be more from Crown once they have all the details and worked out how to spin the story in to a positive for them.

    Crown also has one of the best security systems in the world, despite your ‘big guns from Vegas’ assertion. Did you know that Crown has a facial recognition system that can ping anyone entering the building from a list of know felons and outstanding warrants, as well as crowns own ‘exclusion’ database?

    Also, You don’t just ‘break in’ to those types of security systems. You find a debt laden, non-loyal, $55,000 a year security technician that works there and pay them off with maybe $300,000, then try to walk out with $30,000,000.

    The players problem was that they got greedy (stupid) and won every hand, or folded for too little loss. Technology can help, but it cant beat psychology as well.

Comments are closed.