In the wake of cyberattacks on major U.S. casino operators, including MGM Resorts and Caesars Entertainment, Macau's casinos are intensifying their cybersecurity efforts to safeguard their operations. MGM Resorts, which operates in both the U.S. and Macau, experienced a cyberattack that disrupted its IT systems in September. On the other hand, Caesars Entertainment encountered hackers who targeted its Caesars Rewards loyalty program in August, with rumors suggesting a $15 million ransom was paid to avert operational disruptions.
While MGM China, a subsidiary of MGM Resorts, stated that the cyberattack on its U.S. casinos had not impacted its Macau resorts, the entire industry in Macau is on high alert due to the global attention these attacks have garnered.
According to reports from Asia Gaming Brief, the six casino firms in Macau, including Sands China, Wynn China, Melco Resorts, Galaxy Entertainment, and SJM Resorts, have conducted extensive cybersecurity reviews of their IT systems. These security checks are in line with the requirements set forth in the Macau Cybersecurity Law, which was enacted in December 2019.
The Macau Cybersecurity Law mandates that industries deemed essential to the local economy, including casinos, adhere to specific conditions aimed at protecting critical information networks and computer systems. Casinos are a significant contributor to the Macau government's revenue, accounting for over 80% of tax income.
Under the law, each casino establishment must establish a cybersecurity team, report IT security incidents and breaches promptly to local authorities, and undergo annual security assessments conducted by third-party experts.
Macau's authorities are no strangers to cybersecurity threats, as the region experienced a cyberattack on its hospitality and gaming sectors just last year. In April 2022, it was confirmed that at least 17 casino hotels had been targeted in a phishing attack that began in November 2021. Phishing attacks typically involve hackers sending fraudulent communications designed to appear legitimate and requesting sensitive data like login information from employees.
The Macau Cybersecurity Incident Alert and Response Center promptly notified casino and hotel operators in the region, which is believed to have prevented substantial data theft during the hacking attempt. South Korean hackers were implicated in the unsuccessful attacks.
While Macau's casinos are enhancing their cybersecurity measures, it is clear that the industry recognizes the importance of robust security protocols in safeguarding their operations and the sensitive data of their patrons. These efforts align with the broader global trend of heightened cybersecurity awareness and preparedness across industries.
By fLEXI tEAM