Sudbury

Gateway Casinos ransomware attack highlights need for better cybersecurity, says analyst

As Gateway Casinos recovers from a ransomware attack last month, a tech analyst says it should serve as a lesson to take cybersecurity more seriously.

Gateway Casinos closed its Ontario locations on April 17 and started reopening them on April 29

A sign that says Cascades Casino North Bay.
Gateway Casinos had to close its Ontario locations, including Cascades Casino in North Bay, so it could recover from a ransomware attack. (Erik White/CBC )

A ransomware attack that shut down Gateway Casinos for two weeks has highlighted the need for organizations to invest more in cybersecurity and employee training, according to a technology analyst.

On April 17 Gateway Casinos announced it was closing its Ontario locations due to a "cyber security incident" that happened the previous weekend.

In an email to customers on April 22, the company confirmed it was the victim of a ransomware attack, but added it had no evidence the personal information of customers and employees was compromised.

"We are continuing to work with third party experts on a 24/7 basis to determine if there has been any impact on personal information in this case," the email said.

"We want to reiterate that we have notified the relevant privacy officials, law enforcement, and government regulators about the cyber incident."

On April 29, Gateway Casinos confirmed it was starting to re-open its Ontario operations.

A man in a suburban neighbourhood.
Analyst Carmi Levy says organizations need to do better to train their employees to protect themselves from cyberattacks. (CBC)

Technology analyst and journalist Carmi Levy said ransomware attacks have become more sophisticated and frequent.

Levy said criminals will typically send phishing emails – which often look legitimate – to people inside an organization. They encourage the person receiving the email to download a file which would infect their machine and the organization's network.

The ransomware typically locks the person's or organization's data and asks them for payment – often in a cryptocurrency – to unlock that data.

"We think of ransomware as a technology issue, but it's a human resources issue. A training issue," Levy said.

Levy said there's no guarantee criminals will even unlock their victims' data if they get their payment.

More education needed

He added organizations often have to restore previous back-ups to recover from a ransomware attack, and that can take time.

"In many cases, a lot of organizations find out after they've been attacked by ransomware that their backups weren't quite as effective as they should have been," Levy said.

As cybercriminals become more sophisticated, Levy said better education is the best defence from ransomware and other cyber attacks.

"This is not a time for any organization to stick its head in the sand," he said.

"This is a time to go public about how their culture is going to be strengthened to prevent this from happening in future."

He said past campaigns on drinking and driving and practicing safe sex can serve as examples on how to educate the public to be safer online.

Levy added companies and other organizations that deal with the public need to be more transparent when they fall victim to cyberattacks, and share whether or not people's private information was compromised.

With files from Kate Rutherford