External attack surface management platform, Reposify, has discovered multiple vulnerabilities in the IT networks of Las Vegas’s leading casinos. Recently, Nevada Gaming Control Board (NGCB) issued a warning for all the casino operators and advised them to remain prepared for possible cyber-attacks.
“We can say with certainty that the types of vulnerabilities discovered had the potential to result in financial losses and exposure of sensitive information including personal information of customers,” Reposify spokesperson said.
Researchers from Reposify used an External attack surface management (EASM) platform to detect security loopholes in the IT networks of casinos that might catch attackers’ attention. During their examination, researchers discovered multiple exposures in the network perimeter of a leading Las Vegas casino and also a stack trace of a casino’s purchasing system.
The security loophole in stack trace allowed researchers to secure details regarding the casino’s backend architecture and other highly sensitive information. Researchers claim that attackers can abuse exposed stack traces to secure access into a casino’s internal networks.
In addition, cybersecurity experts also spotted a Microsoft Exchange server with multiple critical flaws. These flaws could allow malicious actors to gain domain administrator rights and execute remote code attacks.
“If attackers managed to gain access to this server, which they could easily do by exploiting the several vulnerabilities this server had, they would be able to see all internal and external communications, launch phishing and ransomware attacks, among others,” Repsoify’s spokesperson told CyberNews in an email.
According to the researchers, one of the casinos did not use multi-factor authentication for logging in to a firewall system, leaving a critical part of security open to credential stuffing and brute force attacks.
“We can say with certainty that the types of vulnerabilities discovered had the potential to result in financial losses and exposure of sensitive information including personal information of customers,” the spokesperson explained.
Notably, Reposify did not publish the names of the affected casinos and also didn't know whether discovered flaws were abused or not. Consequently, casinos with security loopholes in their IT systems were informed about the findings of the research in an attempt to help them fix the issues.
“Casinos are considered a lucrative target for attackers, as evident by the numerous recent attacks on such establishments. After reviewing the exposures and unencrypted assets discovered over publicly accessible internet, I urge security teams to take immediate actions to identify and eliminate unknown exposures in their attack surfaces before they fall victim to the next cyber-attack,” Arnon Yosha, a senior security researcher at Reposify, stated.
