File photo: Hong Kong, Macau casino. — © AFP/File Anthony WALLACE
Marina Bay Sands has disclosed a data breach impacting the personal data of 665,000 customers. The large complex is located in Singapore’s Marina Bay waterfront and the campus includes a 2,200-room hotel alongside one of the largest casinos in Asia. Tye site is a popular one with the wealthy vacationer.
The attack on Marina Bay Sands follows ransomware attacks on Las Vegas-based MGM Resorts and Caesars Entertainment, which highlights a vulnerability with this form of ‘hospitality’ industry.
Looking into this cyber-incident for Digital Journal is Alastair Williams, Vice President of Worldwide Systems Engineering at Skybox Security.
Williams says that coming out of this incident, all organisations with large and complex structures should be re-assessing their security provisions: “In the wake of the recent Marina Bay Sands data breach, organizations need to re-evaluate and enhance their cybersecurity posture to safeguard against potential vulnerabilities that could expose customers to social engineering attacks.”
The sophistication of hackers means that new approaches and tactics are required. Williams finds: “While conventional security measures like spam filters and endpoint detection and response mechanisms can make it harder for malicious actors to breach an organization’s defences, these measures alone may fall short of providing comprehensive protection.”
As to what form these additional measures can take, Williams presents: “Individuals must be well-informed about identifying and mitigating the risks associated with social engineering and phishing scams.”
He adds that: “Organizations should kickstart this process by adopting a holistic approach that encompasses a comprehensive view, modelling, and visualization of their entire attack surface, including IT and OT environments and all of their connections.”
However, these are simply the basic requirements. For true safeguarding, other measures are required. Williams advises: “Organizations should not limit themselves to active scanning alone; they should incorporate ‘scanless’ detection techniques as well.”
The advantages of adopting this are: “This choice leads to continuous, non-intrusive discovery, even on assets that cannot be actively scanned, such as routers, switches, and sensitive OT devices, effectively filling the gaps between active scan events on scannable assets.”
Beyond this, there are other strategies to consider. Williams identifies these as: “To further fortify their cybersecurity measures, organizations should ensure they have solutions in place that can quantify the business impact of cyber risks in terms of their economic consequences. This approach aids in the identification and prioritization of the most critical threats, taking into consideration factors like the size of the financial impact and other risk analyses, including exposure-based risk scores.”