IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Rob Ratcliff was the Content and Community Manager of IFSEC Global.com. He is a self-confessed everyman in the world of security and fire, keen to learn from the global community of experts who have been a part of IFSEC for 40 years now.
A high roller and his accomplice scammed a casino in Melbourne, Australia, by hacking into the surveillance system to cheat (and win) at a series of card games in his suite.
The Herald Sun in Melbourne reported that the gambler was able to use information from security cameras about his opponent’s cards to scam the Crown Towers Casino for around $32 million in eight key hands. The gambler was known to casino owners as a “whale” (someone who regularly bets and loses large amounts of money) and was being hosted in one of the Crown’s high-roller suites.
An unauthorised person was given remote access to the casino’s surveillance systems and was able to relay information about the cards in play to the gambler.
Incidents like this are quite rare, and this is believed to be the biggest scam to hit the Crown since it opened 19 years ago. The casino has “one of the most advanced, complex and comprehensive video surveillance systems currently in use in Victoria,” according to a Victorian Law Reform Commission report from 2010. “The primary component of this system is CCTV.”
The gambling expert Barron Stringfellow told ABC Melbourne that hacking a casino’s security system isn’t as hard as one would imagine. “It’s very easy to intercept a signal from many casinos that don’t take precaution.” But Robert D. Grossman, a US security consultant who works extensively with casinos, told us that he was surprised by the scam.
It is extremely unusual to have open access to a gaming [surveillance] system, for exactly this reason. There are a number of precautions that should be taken, including separate camera and workstation networks, secure clients, and patchable Internet access.
When casino bosses discovered the unauthorised access, the gambler (believed to be from another country) was asked to leave the hotel. He was also quickly banned by the Victorian Commission for Gambling and Liquor Regulation. He is believed to have returned to his home country. This could make recovering the $32 million difficult, but the casino apparently hopes that it will be able to recover at least some of the money.
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
Hacking Surveillance Cameras in CasinosA high roller and his accomplice scammed a casino in Melbourne, Australia, by hacking into the surveillance system to cheat […]
Robert Ratcliff
IFSEC Insider | Security and Fire News and Resources
Subscribe
6 Comments
Oldest
NewestMost Voted
Inline Feedbacks
View all comments
DShepherd
March 20, 2013 6:29 am
Does this take us back to a previous discussion about Closed Circuit Television systems being “CLOSED”?
Hah, yes I think it does! But the times they are a-changin’ and that’s why we try our best to say ‘video surveillance’ rather than CCTV. Important semantic detail, I think. This is, by the sounds of it, a bizarre one off and I find the quote from Stringfellow about hacking surveillance being easier than you’d think odd. I actually think it’d be harder than I think. If that makes any sense at all.
If we search the net we can have accesss to an nth amount of cameras out of which few can be termed as security cameras. Many a people keep these camera free to use on net but few have more personalized access to them. I think these scams might be happeneing for quite some time but I believed that its first time it is having an amount of 32 million. I think once people take security of information lightly these things bound to happen.
I suspect that you are right with regard to insider help. I’ve been to a number of casinos in Australia and their gaming controls and procedures are excellent. I can’t imagine that they weren’t extremely conservative with system design, and at a minimum, video access had to be encrypted and password protected. But it’s a different world when an insider gets involved. To protect against that, the controls have to be so much more stringent that they will likely impact operations. Although, I suspect that if an insider was involved they will figure out who and how fairly quickly. We… Read more »
Of course. This is often the problem for industry commentators like me, as we struggle to get an insight into closed processes and systems. I know some manufacturers have said to me off the record that they get very frustrated because they can’t tell the ‘good news’ of really effective systems they’ve worked on with a customer because the customer (naturally) doesn’t want to expose how their systems work.
Does this take us back to a previous discussion about Closed Circuit Television systems being “CLOSED”?
Hah, yes I think it does! But the times they are a-changin’ and that’s why we try our best to say ‘video surveillance’ rather than CCTV. Important semantic detail, I think. This is, by the sounds of it, a bizarre one off and I find the quote from Stringfellow about hacking surveillance being easier than you’d think odd. I actually think it’d be harder than I think. If that makes any sense at all.
If we search the net we can have accesss to an nth amount of cameras out of which few can be termed as security cameras. Many a people keep these camera free to use on net but few have more personalized access to them. I think these scams might be happeneing for quite some time but I believed that its first time it is having an amount of 32 million. I think once people take security of information lightly these things bound to happen.
The details of this case are a bit patchy right now, but it may be that there was some insider help to gain access to the system.
I suspect that you are right with regard to insider help. I’ve been to a number of casinos in Australia and their gaming controls and procedures are excellent. I can’t imagine that they weren’t extremely conservative with system design, and at a minimum, video access had to be encrypted and password protected. But it’s a different world when an insider gets involved. To protect against that, the controls have to be so much more stringent that they will likely impact operations. Although, I suspect that if an insider was involved they will figure out who and how fairly quickly. We… Read more »
Of course. This is often the problem for industry commentators like me, as we struggle to get an insight into closed processes and systems. I know some manufacturers have said to me off the record that they get very frustrated because they can’t tell the ‘good news’ of really effective systems they’ve worked on with a customer because the customer (naturally) doesn’t want to expose how their systems work.