One year ago, computer systems at the world’s biggest gambling company were brought to a standstill after hackers broke into computer networks, and planted malware that wiped hard drives and shut down email and phone systems.
First the hackers tried to attack the Sands Casino Resort in Bethlehem, Pennsylvania, believing it to be a soft touch in the Las Vegas Sands Corporation’s empire. They bombarded the resort’s VPN, used by staff to access computer systems remotely, with a brute-force attack designed to crack passwords.
IT managers at the Bethlehem resort noticed the unusually high number of failed attempts to log in via the VPN and, realising an attack was taking place, hardened security by requiring more than just a password for access.
But that didn’t put off the hackers. They redoubled their efforts, finding a vulnerability in a web development server and were able to use hacking tools to reveal passwords previously used to login.
Eventually, they were also able to uncover a senior system engineer’s login credentials for the gambling company’s servers in Las Vegas. They had hit the jackpot, and installed malware – ticking away at the heart of the company, waiting for the moment to wipe hard drives with random data.
Fortunately, credit card data did not fall into the hands of the hackers, but they were able to hijack the website – defacing it with a map of the world showing the company’s resorts in flames, an image of billionaire CEO Sheldon Adelson alongside Israeli Prime Minister Benjamin Netanyahu, and a scrolling message displaying the names, social security numbers and email addresses of employees.
Sheldon Adelson is an outspoken supporter of Israeli, leading many to believe at the time that the hack was politically motivated.
The Las Vegas Sands Corporation, owners of the Sands, Venetian, and Palazzo hotels and casinos, managed to keep details of the scale of the attack under wraps until late last year when it was first suggested that hacktivists in Iran might have been responsible.
Now, for the first time, a senior US intelligence official has confirmed that it was indeed Iran that was behind the attack against the gambling company, and that it (along with the later hacking of Sony attributed to North Korea) marked the first instances of state-sponsored internet attacks on American companies.
As reported by Bloomberg, Director of national intelligence James Clapper told the Senate Armed Services Committee that similar attacks threaten the United States more in future than an attack against critical infrastructure:
“Rather than a ‘cyber-Armageddon’ scenario that debilitates the entire US infrastructure, we envision something different. We foresee an ongoing series of low-to-moderate level cyber-attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.”
“While both of these nations have lesser technical capabilities in comparison to Russia and China, these destructive attacks demonstrate that Iran and North Korea are motivated and unpredictable cyber-actors.”
Quite how Clapper has determined that Iran was behind the hack remains something of a mystery, and it may be sensible to ask for evidence to support the claim (as it is with the claims that Kim Jong-Un ordered North Korean hackers to target Sony because of a dumb movie).
Wouldn’t it be more sensible to not announce that a security incident has occurred (such an obvious defacement does rather raise a “red flag”), and instead try to exfiltrate information and data over an extended period of time?
You should ask yourself, what has the likes of Iran got to gain from hacking the Las Vegas Sands Corporation? Was it simply a way of stealing some money from the world’s ninth-richest man? If so, it appears to have failed.
And, you should wonder, just how does a senior US intelligence official *know* that the hack was state-sponsored rather than the work, say, of politically-motivated hackers in the Middle East who decided to take matters in their own hands?
I’m not saying that Iran wasn’t involved in some way in the attack against the Last Vegas Sands Corporation. Perhaps it was, perhaps it wasn’t. But we shouldn’t accept it as fact until some convincing proof has been provided.
And let’s not forget, there’s some irony in America being outraged by another country’s alleged hacking. If the last few years have proved anything, they’ve shown that the United States is very willing to hack into the computers of legitimate private organisations overseas.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.