You may have heard that Las Vegas Sands was hacked recently, but it happened nearly a year ago on February 10th of 2014.
PCs and Servers were getting shut down and their hard drives started to erase. The phone lines were dead. Even systems that run the loyalty rewards plans for Sands customers; programs that monitor the performance and payout of slot machines and table games at Sands’ U.S. casinos; and a multimillion-dollar storage system. They wiped out more than $40 million in equipment and data.
Why?
This was a fight between Iran’s Supreme Leader Ayatollah Ali Khamenei and chief executive officer and majority owner, the billionaire Sheldon Adelson.
Iranian hackers posted private employee information stolen in the attack including names, titles, Social Security numbers, and e-mail addresses. One message left specifically for Adelson read, ”Damn A, Don’t let your tongue cut your throat.”
Sands has been slow to adapt to digital threats. Two years ago it had a cybersecurity staff of five people protecting 25,000 computers, according to a former executive. The board authorized a major upgrade of tools and personnel in 2013, but the project was slated to be rolled out over 18 months.
Hackers found a weakness in a Web development server used by Sands Bethlehem to review and test Web pages before they went live. Once inside, hackers used a tool called Mimikatz to reveal passwords used previously to log in to a computer or server. They found login credentials of a senior computer systems engineer from Sands corporate company headquarters.
Read more here.