Ransomware groups attack casinos on Native American reservations

The Federal Bureau of Investigation (FBI) issued a private industry alert to notify casino owners on tribal properties about an aggressive ransomware campaign that has infected various establishments, completely crippling their operations. Authorities describe this wave of attacks as a hacking campaign that has been active since 2016.

Apparently, the establishments infected with the encryption malware had to close their game rooms, restaurants, hotels and other common areas, resulting in losses in the millions. The FBI believes that the limited technological capabilities in some of these tribal communities have led threat actors to see them as highly vulnerable to these attacks.

Among the ransomware groups identified as part of this campaign are dangerous operations such as REvil, Bitpaymer, Ryuk, Conti and Cuba.

As mentioned above, the FBI identified these attacks as part of a years-long active cybercriminal campaign that aims to impact other areas of tribal communities, including public services, health care and other activities. On previous occasions, cybercriminals managed to disrupt the emergency service systems and police departments of some tribes.

One of the most severe incidents occurred in late 2019, when a ransomware group hit the Eastern Band of Cherokee Indians (EBCI) community. Soon after, a cybersecurity firm demonstrated that the threat actors had colluded with a tribal employee, who took advantage of poor security measures in public systems to inject the malware.

Ransomware remains one of the top cybersecurity threats in the U.S. and the rest of the world. A few weeks ago, the U.S. Treasury Department issued a report identifying cryptocurrency transactions worth at least $5.2 billion USD potentially related to ransomware attacks.

This report was shared with representatives from at least 30 countries, who pledged to strengthen an alliance in order to establish stricter measures against ransomware groups and thus prevent these groups from continuing to grow and earn millions of dollars. 
