How are Southeast Asia’s casinos adapting to modern cyber-attacks?

Online casino roulette wheel Southeast Asia

Online casinos are investing vast sums of time and money in protecting their customers’ data. Despite this effort, cyber threats remain a major concern for their operations.

Sponsored Content

Since the early days of organised gambling, casinos have been targeted by cybercriminals and scammers.

In 2017, 29 Hong Kong-based online gaming websites were hit by a string of targeted distributed denial of service (DDoS) attacks over a two week period. A DDoS is a type of cyberattack in which the hacker tries to take down a target’s site by overwhelming the server with visitor traffic.

DDoS and other cyberattacks are used by hackers to extort money from the site owner. Once the hacker cripples a site, the cybercriminals will demand a ransom in exchange for ending the assault.

These attacks deliberately target larger organisations, who can afford to pay the large ransoms demanded. Online casinos and other gaming sites are particularly attractive targets for cybercriminals because they have the capital to pay criminals off and can’t afford downtime on their networks. Website disruptions, even those lasting a few moments, cause substantial financial losses for online casinos.

Regulated bodies provide security assistance

Before an online casino can become accredited or operate online, it must go through a stringent regulatory process.

In the Philippines, the only Southeast Asian nation that offers gambling licenses to companies that wish to enter the gaming market in the region, there are three different regulators that offer gambling licenses.

The Philippine Amusement and Gaming Corporation (PAGCOR) is a government-owned corporation that governs land-based casinos in the country. First Cagayan Leisure and Resort Corporation (FCLRC) offers an e-gaming license in the Cagayan Special Economic Zone.

The Philippine Offshore Gaming Operator (POGO) is a recent addition to the gambling regulatory sector. POGO issues gaming license to qualified operators. As of the second quarter of 2018, there are 55 accredited operators under the POGO scheme.

The regulators are responsible for fair play in gaming and protect the players against fraud. They look into complaints, analyse software, random number generators, and player exclusion mechanisms.

After the regulator gives a license, they perform regular checks to ensure the casino remains in compliance with regulation.

Online gambling in Asia is on the rise 

POGO in the Philippines has overseen steady revenue growth in the online casino sector in recent years. Upon its launch in 2016, the POGO generated PHP657 million (US$12.5 million) revenue. In 2017, revenue hit PHP3.924 billion. Its revenue almost doubled in 2018, to hit Php7.365 billion (US$139.3 million).

Japan also attracted the attention of the Asian Casino market after its government passed a bill in July 2018 that officially allows three casinos in the form of integrated resorts in the country.

Research conducted by Credit Lyonnais Securities Asia (CLSA) estimates that the three licensed resort of Japan will generate US$11 billion in annual revenue.

Online gambling remains illegal in Japan, but players are playing online games through providers hosted in other countries. 

Japanese online casino operators uses online casino bonuses ( or カジノボーナス in Japan) to attract a number of customers.  These Japanese casino bonuses include credits which double or triple a player’s initial deposit.

How safe are players in online casinos?

Hackers also pose a threat to online casino customers. Casinos store customer information on their servers, including credit card and bank account information. If a casino is hacked, cybercriminals can use this information for malign activity.

In one of the most high-profile cases, details of over 108 million bets, including players’ personal information, was stolen from an online casino group in 2019 through the portable, search engine, ElasticSearch.

The leaked user data included names, home addresses, phone numbers, email addresses, birth dates, site usernames, account balances, IP addresses, browser and OS details, login information, and a list of played games.

To protect players’ sensitive information, regulated casinos today are using 265-bit enciphering and SSL encryption technologies to secure their financial transactions. These technologies ensure that any data uploaded by the customer, such as scanned copies of passports or driving licenses, is not permanently stored on the casino’s server. After the verification process is concluded, the player’s information will be automatically deleted.

Casino operators use RNG for fair play

While casino bonuses attract a number of players, players are increasingly aware of the risks involved in playing online casino games.

Players want to play fair casino games, with a legitimate chance of winning. If hackers or fraudsters can exploit vulnerabilities in the game software, the results for players, and for the casino can be catastrophic.

A Czech national received a 22-month jail term after admitting to using software to predict when slot machines would pay out at Singapore’s Resorts World Sentosa (RWS) and Marina Bay Sands casinos.

While no reports have emerged of online casino games in Southeast Asia being hacked, casinos are taking no chances. Online casinos use random number generators (RNGs) to protect the players and themselves from fraudulent activity. The RNGs feature an algorithm installed in casino games to make the results of the game unpredictable and fair for both players and the operators.

Online poker cards Southeast Asia

Casinos that take security seriously employ independent organisations like the e-Commerce and Online Gaming Regulation and Assurance (eCOGRA) and Technical Systems Testing (TST) to audit and monitor their RNGs.

Accredited casinos display their auditor seal on their website to show to their customers that their services and games are secure and subject to regular independent tests.

Extreme measures are necessary to counter the extreme cyberthreats and protect gamers against fraud. Despite this effort, cybersecurity remains a leading concern for online casino operators. In the game of cat and mouse between online casinos and hackers, advantages on either side are short-lived.