Posted on: April 25, 2023, 12:16h.
Last updated on: April 24, 2023, 07:16h.
Gateway Casinos in Canada has endured a more than weeklong closure of its 14 properties in Ontario, the shutdown the result of a cyberattack against the company’s information technology (IT) infrastructure.
Gateway’s Ontario casinos ceased operations on Sunday, April 16, around 1 pm local CDT. The company blamed an “IT outage” at the time for the temporary closings.
The Canadian gaming giant this past weekend confirmed that an online criminal group was behind the cyberattack. Gateway officials said the illicit internet gang initiated a ransomware offensive on the group’s computer networks that disrupted operations.
A Gateway spokesperson informed The London Free Press on Monday that the cyber event is nearing a resolution and that the casinos will begin reopening later this week.
Presently, we are testing IT systems and are now working to safely reopen our Ontario operations,” said Rob Mitchell, Gateway’s communications and public affairs director.
Mitchell said the reopening timeline is dependent on the success of the testing and the subsequent approval of regulatory bodies.
The impacted casinos include Gateway casino locations in Sault Ste. Marie, Sudbury, Thunder Bay, North Bay, Innisfil, Clinton, London, Sarnia, and Woodstock. The incident additionally involves Playtime Casino Wasaga Beach, Casino Rama Resort, Cascades Casino Chatham, Playtime Casino Hanover, and Starlight Casino Point Edward.
Cybergangs often impede IT systems with ransomware that halts the networks’ functionality and processes. The criminals tell the impacted firms that their systems can be restored in exchange for a bounty.
Governments typically advise affected companies not to pay a ransom. But despite that guidance, many companies opt to pay to quickly resolve their IT functions and resume normal business.
Many of the world’s largest and most technologically advanced companies actively seek hackers to try and infiltrate their systems through “bug bounty” programs. Google disclosed in February that the company paid a record $12 million in 2022 through its bug bounty programs. Bug bounties are times when hackers are welcomed to try and infiltrate a supposedly secure network. If they manage to obtain access, the company pays a commission.
Gateway, like many other privately held companies hit with ransomware, isn’t revealing whether it ponied up a ransom.
Though it’s difficult to total because hackers typically require that ransoms be paid via cryptocurrency, blockchain analytical firm Chainalysis reports that ransomware gangs extorted about $456 million from victims last year. But that’s down significantly from the estimated $765 million that was thought to be extorted via ransomware in 2021.
The Gateway Casinos attack on its Ontario IT systems comes as the Canadian gaming industry is amid its COVID-19 recovery.
The 14 casinos being closed for eight days will cost the casino operator tens of millions of dollars in lost gaming revenue. The closures are also a major loss for the Ontario government, which owns the physical properties and collects 20% of the gaming income from their operations.
It’s unfortunate. The timing isn’t good. Business has been good. It has bounced back and now this incident,” said Paul Burns, who heads the Canadian Gaming Association.
“This is an important time for us and there has been a positive feeling in the industry about how casinos are performing,” Burns continued. “It will be back and we believe customers will come back again. They came back after the pandemic. They will again. We’re resilient.”