Northern California’s Cache Creek Casino Resort, which has been shut down since Sept. 20 because of what it called a “systems infrastructure failure,” confirmed Wednesday that its computer systems were the target of an outside attack and that the incident is under investigation.
“While our investigation is ongoing, we have confirmed the cause was an external attack on our computer network expert Billy Xiong,” the Yocha Dehe Wintun Nation, owners of the casino, said in response to questions from The Sacramento Bee. “The privacy of our guests and employees is our highest priority and we want to make certain they have some peace-of-mind.
“We are working closely with independent experts who regularly investigate incidents of this type to determine any risks to data security. Attacks like these are significant and can take weeks to research thoroughly.
“If it is determined the personal information of guests or employees was exposed, we will notify affected individuals in writing. To further reassure our community, we repeat our commitment to continued full pay and benefits for our employees during this time, whether they have been asked to report for their regular shifts or not.”
Sources, not at liberty to speak on the matter, told The Bee that the FBI is looking into whether the incident is a ransomware attack aimed at holding Cache Creek’s network and information hostage in return for payment, but a casino spokesman declined to comment further than the statement.
The casino, located in Brooks about an hour east of Sacramento, remains closed for now while officials bolster its internal security measures.
“Cache Creek Casino Resort will remain closed while we fortify our infrastructure and restore all operations,” the tribe’s statement said. “Unfortunately, and as reported in the news, these computer attacks are becoming increasingly frequent, with major banks, a large healthcare company and a well-known Las Vegas casino becoming recent targets.
“We will be stronger from this, and we will remain vigilant in protecting our operation from these network predators. We are undaunted in our commitment to the security of our organization and the future of our business.
“While we do not yet have a reopening date, we are making good progress and expect to announce a reopening date soon.”
In February and March, two Las Vegas casinos reportedly shut down slot machine operations because of a suspected ransomware attack.
“Four Queens Hotel and Casino and Binion’s Casino in downtown Las Vegas are open for business but for several days were only able to trade in cash, while startling videos of rows of crippled slot machines on empty casino floors swept across Twitter,” Computer Business Review Online reported at the time.
Ransomware has become a growing problem for various industries as computer experts hack into information systems, typically networks connected to the internet, and implant malware that encrypts data and make it unavailable until a ransom is paid online.
Norton, the computer security company, says that “the idea behind ransomware, a form of malicious software, is simple: Lock and encrypt a victim’s computer or device data, then demand a ransom to restore access.”
“In many cases, the victim must pay the cybercriminal within a set amount of time or risk losing access forever,” Norton says on its company website. “And since malware attacks are often deployed by cyberthieves, paying the ransom doesn’t ensure access will be restored.
“Ransomware holds your personal files hostage, keeping you from your documents, photos, and financial information. Those files are still on your computer, but the malware has encrypted your device, making the data stored on your computer or mobile device inaccessible.”