Cybersecurity: The intricacies of protecting digital assets from malicious actors
In this interview, brought to you by Internet Vikings, CEO Rickard Vikström talks to EGR North America about the vulnerabilities of the online gaming and sports betting landscape, the consequences of data breaches, and the innovative strategies the industry can employ to protect itself.
Internet Vikings is a leading provider of first-to-market licensed in-state hosting for the sports betting and igaming sector in the US, serving solutions in 22 states. The company, founded in 2008, offers managed hosting, dedicated servers, co-location, and cloud hosting with a premium status proven by its ISO 27001 certification and intensive DDoS protection.
EGR North America (EGR NA): What do you consider is the biggest cyber threat to the gambling industry and why?
Rickard Vikström (RV): Ransomware is an exceptionally severe cybersecurity threat due to its potential for major financial losses, even for smaller companies. For instance, the MGM Resorts hack represents the extremely high costs incurred by larger corporations in the aftermath of such attacks. On the other hand, DDoS attacks remain a widespread and easy-to-execute threat.
This has influenced our decision to choose Cloudflare’s Magic Transit service to protect our clients and the industry at an intensified level. While DDoS attacks may not cause the same level of destruction as ransomware attacks, they can disrupt vital online services and pose significant challenges for businesses reliant on digital operations.
EGR NA: Talk us through the likely consequences of an operator’s database being breached by hackers.
RV: Malicious actors have diverse motives and databases are breached for various reasons including:
Financial gain – where hackers seek to profit by stealing customer data for activities like selling it on the dark web or engaging in identity theft;
Competitive advantage – where rival companies breach competitors’ databases to gain insights into strategies, customer bases, or product developments;
Espionage – involving state-sponsored actors or industrial spies targeting databases to gather intelligence on companies, governments, or individuals.
If a database is hacked, it makes an operator vulnerable to such issues as competitors and affiliates buying the compromised data and using it for retargeting or direct advertising strategies. They would also gain insights into your VIP clientele, enabling them to initiate contact with enticing “new offers”. This not only jeopardizes data security but also takes away the competitive edge and customer confidentiality you’ve worked to maintain. Other, more immediate consequences include:
Loss of customer trust: When customers learn their personal information has been compromised, they lose trust in the operator’s ability to protect their data. This can lead to customer churn and damage the operator’s reputation.
Legal and regulatory consequences: Depending on the district and the nature of the data breach, the operator may face legal consequences and regulatory fines.
Financial and operational impact: Data breaches can be costly to remediate. This includes expenses related to investigating the breach, notifying affected customers, providing credit monitoring services, and implementing security measures to prevent future breaches. Likewise, there is the operational impact: disrupting day-to-day operations and needing to allocate resources to the breach.
EGR NA: What tips would you give to operators looking to stave off this potential threat?
RV: Cold disaster recovery sites and separation of access are the best solution for staving off the potential threat of a ransomware attack because they make it more difficult for attackers to encrypt data and demand a ransom. Cold disaster recovery sites are physically and logically isolated away from primary production sites and are used to store backups and disaster recovery plans in the event of a disaster.
Plus, separation of access is a security principle that restricts who has access to what systems and information data. Even if an attacker is able to gain access to a production system, they will not be able to access the backups or disaster recovery plans that are stored on a cold disaster recovery site. Then, separation of access will make it more difficult for attackers to move laterally through a network and access other critical systems.
Internet Vikings helps operators implement cold disaster recovery sites and separation of access in a number of ways. For cold disaster recovery sites, we provide access to secure facilities across the US, help design and implement disaster recovery plans, and test plans to ensure they are effective.
For separation of access, Internet Vikings implements role-based access control systems and multi-factor authentication systems. We also conduct internal training exercises, just like fire drills, to ensure all personnel are well-prepared. This approach not only enhances security but also mitigates potential damage.
EGR NA: How long do cyberattacks last, generally?
RV: The duration of these attacks varies significantly, ranging from mere minutes to potentially extending over several months. It depends on both the scale of the attack and the level of preparedness by the targeted organization.
In September 2022, a new attack campaign named Ice Breaker targeted the online gaming industry. The attack used social engineering tactics to deploy a JavaScript backdoor. The attackers were able to go undetected for months, during which time they stole sensitive data and gained access to critical systems.
More recently, the BetMGM cybersecurity attack is a reminder that cybersecurity needs to be a top priority and no organization is immune to targets. With the attack reported in August, they believe it potentially started in May, with allegedly over 1.5 million customers affected.
EGR NA: Are there any specific parts of the world in which these threats are more pronounced? And in your opinion, are governments doing enough to combat cyberattacks? If not, what more should they be doing?
RV: These threats are not confined to specific geographic regions; they are global. However, the scale of their impact varies, with larger corporations in larger economies facing potentially greater absolute losses.
Governments have considerable room for improvement when it comes to combating cyberattacks. They should focus on proactive measures, such as enhancing public awareness and education on cybersecurity issues, rather like the introduction of door locks centuries ago. It took time to make people grasp the importance of locks and similarly, governments should invest in long-term efforts to mitigate cyber threats effectively. I believe that in 30 years from now, this is exactly how we will review it – we lock away our digital assets just as we do our personal belongings.
EGR NA: Based on your experience, what would be the most innovative way the online gaming and sports betting industry can protect itself?
RV: At Internet Vikings, we strongly believe in these three factors: Educate staff. Talk about it. Never let it be swept under the rug.
Organizations should educate their employees about cybersecurity best practices, implement multi-factor authentication, use a security information and event management (SIEM) system, keep their software up to date, and have a plan in place for responding to incidents.
Drawing from my own experience, the most innovative approach for the industry to safeguard itself is a relentless commitment to staff education and open dialogue. It’s imperative not to sideline the issue but instead to ensure it’s consistently in focus.
CEOs should foster a corporate culture where cybersecurity is never forgotten, and employees are always vigilant. This ongoing diligence is the most effective way to protect against evolving threats in today’s digital industry.
Rickard Vikström is CEO of Internet Vikings, an entrepreneur and industry expert with 20+ years’ experience in the hosting and cybersecurity space. He excels in providing tailored hosting solutions for igaming and online sports betting enterprises across the US, elevating businesses through his profound understanding of the technical aspects. Vikström’s leadership has transformed Internet Vikings into a leading provider of licensed in-state hosting, available across 22 states.