Who Watches the Watcher?

In the film Ocean’s Eleven, Danny’s crew taps into the surveillance system of the Bellagio, the Mirage and the MGM Grande to carry out reconnaissance work, in preparation for their $150 million dollar Las Vegas heist.

Somebody in Australia obviously thought this was a pretty neat idea, having won $32 million at a casino in Melbourne.  Details aren’t yet clear about whether similar hacking principles were used or if it was an ‘inside job’, but I do wonder if he and his accomplices came up with such a catchy group name.

The man in question was playing poker in the high roller’s room, and having gained access to the eyes and ears of the casino’s security system, the accomplices fed information on the other players’ cards right to him.  They gave advice on how to wager, when to bluff, and it took just eight hands to accumulate the $32 million.

Not as nifty in their escape as the Ocean’s Eleven crew (they obviously forgot about their S.W.A.T disguise at the end), they ended up getting caught red handed at their luxury villa and the casino is expected to recuperate most of the money.

But it just goes to show that one of the current industry buzzwords, big data, has some pretty large implications.  Big data is all about capturing lots of rich information, which then by its nature can be quite difficult to analyse.

What the accomplices were doing was gathering lots of information via video – every card, every hand, every possibility, and working out how they could use that data to their best advantage.

The casino collected the same big data too – but for a very different reason; they were trying to protect themselves.  The data was probably used for no other purpose so there was little analysing to be done.  The hackers, however illegal their activities (well, very!) had a strategy – they knew what they were doing when combing through the data.

It’s not just data and business intelligence issues being raised by this situation – it’s fundamental security too.

I wonder if the bad guys had some sort of CRM system that helped them categorise their data and spot trends.  After all, plenty of cyber hackers out there use these sort of business tools every day and even sell them onto fellow hackers, in order to maximise the impact of the hack.  They can then tell how many computers or systems have been compromised. 

Have a look at Sophos’ James Lyne talking about Hacking as a Service:

Could an even higher tech security system in the Australian casino have prevented the sinful gambler?  Doubtful, given that it was put in place to protect them and ended up being used against them. Security threats will continue to evolve at the same rate, if not faster, than exciting new technologies are introduced.

So what can businesses learn from this about creating a secure environment?  Again we need to go back to the basic principles.  It’s the combination of user vigilance and the right technology solution that sets you on the best track.

For more information on IT security read our whitepaper, clarifying the threats and identifying actions to protect your business