United States blames Iran for hack of world’s largest gambling company

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Sands CasinoIran has been blamed by a senior US intelligence official, for launching a damaging attack against the Las Vegas Sands casino corporation.

One year ago, computer systems at the world’s biggest gambling company were brought to a standstill after hackers broke into computer networks, and planted malware that wiped hard drives and shut down email and phone systems.

First the hackers tried to attack the Sands Casino Resort in Bethlehem, Pennsylvania, believing it to be a soft touch in the Las Vegas Sands Corporation’s empire. They bombarded the resort’s VPN, used by staff to access computer systems remotely, with a brute-force attack designed to crack passwords.

IT managers at the Bethlehem resort noticed the unusually high number of failed attempts to log in via the VPN and, realising an attack was taking place, hardened security by requiring more than just a password for access.

Sign up to our free newsletter.
Security news, advice, and tips.

But that didn’t put off the hackers. They redoubled their efforts, finding a vulnerability in a web development server and were able to use hacking tools to reveal passwords previously used to login.

Eventually, they were also able to uncover a senior system engineer’s login credentials for the gambling company’s servers in Las Vegas. They had hit the jackpot, and installed malware – ticking away at the heart of the company, waiting for the moment to wipe hard drives with random data.

Fortunately, credit card data did not fall into the hands of the hackers, but they were able to hijack the website – defacing it with a map of the world showing the company’s resorts in flames, an image of billionaire CEO Sheldon Adelson alongside Israeli Prime Minister Benjamin Netanyahu, and a scrolling message displaying the names, social security numbers and email addresses of employees.

Defaced website

Sheldon Adelson is an outspoken supporter of Israeli, leading many to believe at the time that the hack was politically motivated.

The Las Vegas Sands Corporation, owners of the Sands, Venetian, and Palazzo hotels and casinos, managed to keep details of the scale of the attack under wraps until late last year when it was first suggested that hacktivists in Iran might have been responsible.

Now, for the first time, a senior US intelligence official has confirmed that it was indeed Iran that was behind the attack against the gambling company, and that it (along with the later hacking of Sony attributed to North Korea) marked the first instances of state-sponsored internet attacks on American companies.

As reported by Bloomberg, Director of national intelligence James Clapper told the Senate Armed Services Committee that similar attacks threaten the United States more in future than an attack against critical infrastructure:

“Rather than a ‘cyber-Armageddon’ scenario that debilitates the entire US infrastructure, we envision something different. We foresee an ongoing series of low-to-moderate level cyber-attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.”

“While both of these nations have lesser technical capabilities in comparison to Russia and China, these destructive attacks demonstrate that Iran and North Korea are motivated and unpredictable cyber-actors.”

Quite how Clapper has determined that Iran was behind the hack remains something of a mystery, and it may be sensible to ask for evidence to support the claim (as it is with the claims that Kim Jong-Un ordered North Korean hackers to target Sony because of a dumb movie).

Sheldon AdelsonAfter all, Iran may not like the political views of Sheldon Adelson – but is that a good enough reason to put efforts and finances behind hacking his organisation and defacing a website?

Wouldn’t it be more sensible to not announce that a security incident has occurred (such an obvious defacement does rather raise a “red flag”), and instead try to exfiltrate information and data over an extended period of time?

You should ask yourself, what has the likes of Iran got to gain from hacking the Las Vegas Sands Corporation? Was it simply a way of stealing some money from the world’s ninth-richest man? If so, it appears to have failed.

And, you should wonder, just how does a senior US intelligence official *know* that the hack was state-sponsored rather than the work, say, of politically-motivated hackers in the Middle East who decided to take matters in their own hands?

I’m not saying that Iran wasn’t involved in some way in the attack against the Last Vegas Sands Corporation. Perhaps it was, perhaps it wasn’t. But we shouldn’t accept it as fact until some convincing proof has been provided.

And let’s not forget, there’s some irony in America being outraged by another country’s alleged hacking. If the last few years have proved anything, they’ve shown that the United States is very willing to hack into the computers of legitimate private organisations overseas.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “United States blames Iran for hack of world’s largest gambling company”

  1. Coyote

    " and it may be sensible to ask for evidence to support the claim"
    .. if only they (authorities) had a decent amount of sense in general (or for that matter, decency). I think that is asking for too much though. And yes, it is beyond hypocritical of the US but it isn't really surprising, either, unfortunate as it may be. I would also suggest that the US isn't by any means the only country to be a major player in hypocrisy. I don't think that will change.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.