Darknet Diaries - Ep 37: LVS
Episode Date: April 30, 2019The Venetian casino in Las Vegas Nevada was the largest hotel in the world until 2015. The parent company is Las Vegas Sands (LVS) which owns 10 properties around the world. And the CEO and f...ounder of LVS is Sheldon Adelson. One day the CEO said something which sparked quite a firestorm.This episode was sponsored by Nucleus. Visit nucleussec.com to start your free trial.This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.For more show notes visit DarknetDiaries.com.
Transcript
Discussion (0)
Imagine being at work, in the office, and all of a sudden the server you're working on goes down.
The phones stop working, the screens go blank, and as you investigate, you realize the company has been hacked.
The virus is so bad, and it's spreading so fast, that you frantically start unplugging Ethernet cables in an attempt to stop the attack,
and you're forced to sever your connection to the Internet altogether.
Yeah, that did happen, and I want to tell you about it.
These are true stories from the dark side of the internet.
I'm Jack Recider. This is Darknet Diaries.
This episode is sponsored by Delete Me.
I know a bit too much about how scam callers work.
They'll use anything they can find about you online to try to get at your money.
And our personal information is all over the place online.
Phone numbers, addresses, family members, where you work, what kind of car you drive.
It's endless.
And it's not a fair fight.
But I realize I don't need to be fighting this alone anymore.
Now I use the help of Delete.me. Delete.me is a subscription service that finds and removes personal information
from hundreds of data brokers' websites and continuously works to keep it off. Data brokers
hate them because Delete.me makes sure your personal profile is no longer theirs to sell.
I tried it and they immediately got busy scouring the internet for my name and gave me reports on
what they found. And then they got busy deleting things. It was great to have someone on my team
when it comes to my privacy.
Take control of your data and keep your private life private by signing up for Delete Me.
Now at a special discount for Darknet Diaries listeners.
Today, get 20% off your Delete Me plan when you go to joindeleteme.com slash darknetdiaries and use promo code darknet at checkout.
The only way to get 20% off is to go to joindeleteme.com slash darknetdiaries and enter code darknet at checkout.
That's joindeleteme.com slash darknetdiaries and use code darknet.
Support for this show comes from Black Hills Information Security.
This is a company that does penetration testing, incident response, and active monitoring to help keep businesses secure. I know a few people
who work over there, and I can vouch they do very good work. If you want to improve the security of
your organization, give them a call. I'm sure they can help. But the founder of the company,
John Strand, is a teacher, and he's made it a mission to make Black Hills Information Security
world-class
in security training. You can learn things like penetration testing, securing the cloud,
breaching the cloud, digital forensics, and so much more. But get this, the whole thing is pay
what you can. Black Hills believes that great intro security classes do not need to be expensive,
and they are trying to break down barriers to get more people into the security field. Thank you. Find links to their webcasts to get some world-class training. That's BlackHillsInfosec.com.
BlackHillsInfosec.com.
Imagine you're taking a nice gondola ride through a canal.
This is one of those boats where you hire someone to stand up on it and paddle for you.
It's nice and slow, relaxing.
It's something you do as a tourist.
And it can be romantic.
Except you're not in Italy.
You're in the middle of the desert.
This is the scene from Within the Venetian,
a hotel casino in Las Vegas, Nevada.
But it's not just any hotel.
It's a luxury resort.
A massive resort with over 4,000 rooms.
In fact, it was the largest hotel in the
world up until 2015. And if you go to Vegas, you can't miss it. The Venetian looks just like Italy.
It's amazing to look at and explore. On top of it being a hotel, they have 120,000 square foot
casino, a monster of a gaming hall, which is where they make a ton of their money. In 1988,
Sheldon Adelson bought the
Sands Hotel and Casino in Vegas. Three years later, he got married to his second wife and took a
honeymoon to Venice, Italy. And there's where he got the inspiration to bring Italy to Las Vegas.
So he did. He came back home and spent $1.5 billion building the Venetian and then imploded
the Sands Hotel and built more Venetian hotel rooms on top of it. Sheldon had a strong desire to succeed as a hotel casino investor, and he did succeed.
His casino was very successful, and now he controls 10 different properties.
The parent company of this empire is the Las Vegas Sands,
which is what I'm going to refer to as LVS a lot in this episode.
LVS is the company that owns the Venetian and Palazzo in Vegas,
and another Venetian in China,
and the Marina Bay Sands in Singapore. That's the one that looks like it has a cruise ship on the
top of the buildings, and another Sands Casino Resort in Bethlehem. The Las Vegas Sands has over
50,000 employees worldwide, and is ranked 418th on the Fortune 500 list. It's a massive corporation
today, and its founder, owner, and CEO is Sheldon Adelson.
We're going to learn a lot more about Sheldon in a minute,
but I'm fascinated with the IT infrastructure of a major global business like this.
You may have seen Ocean's Eleven at this point,
so you can probably take a guess as to how secure their physical infrastructure is to protect those millions of dollars that are transacted each night in the casinos.
But those are all physical securities.
I wonder what their IT security looks like.
So I did some snooping.
If you want to know what's in a company's network,
and they're not really telling you what's in there,
there's two easy ways to figure this out.
First is their career page and the job openings.
And on the Las Vegas Sands website,
you see job openings for things like Network Security Engineer 1,
Network Security Engineer 2, Network Security Engineer 3. And to qualify for these roles, you have to be proficient in Cisco
routers, Aruba wireless controllers, Checkpoint firewalls, Palo Alto firewalls, Bluecoat web
proxies, and F5 load balancers and VPN servers. And you know what? These are all the technologies
that I would expect to see in a large Fortune 500 company's network. So nothing's really out
of ordinary here. The second place I look to get a
good idea of what's in their network is LinkedIn. A couple of simple searches here and I'm finding
hundreds of IT people claiming that they work at the Las Vegas Sands, ranging everywhere from
cybersecurity project manager to a whole army of cybersecurity engineers and analysts and
administrators. I think this paints a good enough picture for me. With a few other Google searches,
I've got a pretty good idea what their internal network is like and what their staff is
like. The IT security team at Las Vegas SANS seems to be pretty big. I'm guessing somewhere between
200 and 1,000 engineers, technicians, analysts, investigators, directors, and more. The IT
security people's job is to understand, find, detect, stop, and remove threats from the network.
And you know what? These are the good guys in our story. The people who work tirelessly to keep that network up and safe,
to keep the company running smoothly in the middle of any kind of cyber attack. Las Vegas Sands has
multiple data centers, and it houses hundreds and hundreds of servers in each. The network of these
casinos is huge. There are like thousands of slot machines that all need ethernet connections,
and then there's public Wi-Fi for the guests. There's retail sales networks. There's online booking servers for
their 10 different properties. Each guest room has an electronic door lock. That's got to be
connected to something. Then there's the hotel reservation systems and the television network
in each room and a whole bunch of security cameras everywhere. And that's a lot of stuff
in their network to keep up and operational. It's a massive and complex network,
but this is typical for what I'd expect a Fortune 500 company to have.
Now, I outline their network to you because I really want you to get a sense of who's working there.
These IT and security people have a lot at stake to secure.
Of course, there's millions of dollars of actual cash to secure,
but there's also thousands of customers to keep happy every minute of the day, 24-7.
Las Vegas never sleeps.
The IT and security team has to work their butt off to keep the network up and operating
effectively. And they can never sleep either. Someone's always there 24-7, 365, in the security
operations center watching threats in the network. And they're just looking for hacking threats. And
a whole other team monitoring the surveillance cameras, all 24-7. A network this
big comes with a lot of hazards of things breaking. It's just the nature of having a large network.
Cables go bad, upgrades fail, patches introduce new bugs, da da da. And of course, there's network
attackers, hackers that are trying to push malware onto the network and through their websites and
onto the wireless network to maybe try to figure out a way in getting some of that casino cash. I'm sure that running a casino attracts thieves like garbage attracts flies. The security
team at Las Vegas Sands has done a great job. They've deployed state-of-the-art infrastructure
and hired top-notch talent to keep the place secure. It seems like they've thought of everything
that can possibly go wrong and they have a plan in case that happens. But as you might guess, something does go wrong that they didn't expect. All right, let's go back to Sheldon now. So what
do we know about Sheldon Adelson? Well, the man has money, lots of money. Las Vegas Sands is the
biggest casino operator in the world and this CEO owns over half of it. The Bloomberg Billionaires
Index has Sheldon with a net worth of $36 billion.
That's the kind of money I can't even wrap my head around. He's a self-made billionaire whose
wealth just keeps growing. Sheldon started young, growing up in a low-income family in Boston,
and he had his eyes on making money, and he set out to do just that. He created business after
business. Some were more successful than others. And then he found gold.
In the 1970s, when personal computers started to become popular, he created Comdex.
This is a computer trade show which brought all the top tech companies together to showcase their latest technologies.
The Comdex tech conference was a major success.
To give you an idea of how well it did, in 1979, Sheldon held Comdex at the MGM Grand Hotel in Vegas,
the most famous and luxurious hotel casino in the world at the time. Within 10 years,
business had exploded for Comdex and became the largest trade show in Las Vegas,
earning in excess of $20 million each year. Listen to this reporter coming at you live from the 1993 Comdex trade show. There may be a recession going on out there somewhere, but you certainly couldn't tell here in Las Vegas
as over 2,000 exhibitors, more than 140,000 attendees
are here at a bigger than ever fall Comdex.
Lots of new product introductions from the big guys
like Microsoft and Intel.
Also new products from smaller companies
with names you've probably never even heard of.
140,000 attendees.
That's mind bogboggling.
I mean, the E3 convention that was in Las Vegas last year
only brought in 69,000 attendees.
The success of Comdex made Sheldon Adelson
a multi-millionaire.
And he sold Comdex in 1995 for $860 million
to focus his attention and wealth on the Las Vegas Sands.
The Venetian in Las Vegas,
his mega project that he developed to replicate Venice, Italy, was soon the first privately owned
and largest convention facility space in the U.S., and not to mention a casino heaven for gamblers.
So you can see how Sheldon has emerged as a dominant figure, and behind his businesses,
he's outspoken and not shy at all about using his money to bolster up the causes he believes in.
A sheer scale of donations to the Republican Party in the U.S. alone has kept him in the spotlight.
I mean, we're talking donations of $120 million in the 2012 presidential campaign
and $82 million in the 2016 presidential campaign. All this went to the Republican Party.
These are colossal amounts to us, but small change to Sheldon. Considering he's a mega-donor, some question what kind of influence that sort of
money buys you. But he's not just interested in U.S. policy. He's also very concerned with the
rising online gambling phenomenon. He wants to protect his casino empire. His reach doesn't
stop there, though. He's a strong and vocal supporter of Israel and a good friend to the
Israeli Prime Minister Benjamin Netanyahu.
Sheldon also owns two Israeli newspapers,
the Israel Today and Makorishon.
He also owns a newspaper in Las Vegas, the Review Journal.
So Sheldon has a fair share of the media market
in both Israel and Nevada, right where he wants it.
Hearing this, I'm reminded of the great newspaper mogul,
William Randolph Hearst, who once said,
You furnish the pictures, I'll furnish the war.
Meaning a newspaper has a powerful way to shape general opinion and belief.
But I'm not going to go into whether or not Sheldon's newspapers are slanted one way or another,
but for a person who's so involved in politics, it certainly wouldn't be a surprise.
In his private life, Sheldon has a powerhouse of a wife who's equally supportive of Israel.
Israeli-born Miriam Adelson says her heart remains in Israel
and is clearly an influence on Sheldon's strong pro-Israel stance.
Miriam is a medical doctor who specializes in drug addiction, research, and treatment
and has a very nice career of her own.
And this husband and wife team stand firmly together when it comes to donating their money
and supporting political candidates and Israeli causes. Direct, confident, and a little arrogant, Sheldon Adelson is a man with money,
influence, and connections, and he's not a figure who sits quietly in the background.
And when a CEO of a large corporation like this has such strong political character traits,
it can sometimes lead to trouble. On October 22nd, 2013, Sheldon Adelson was the guest of honor at the prominent
Jewish Yesheva University in New York. The rabbi who led the panel questioned Sheldon on his
thoughts on whether America should negotiate with Iran. Here's what Sheldon's response was.
So you would support negotiations with Iran currently so long as they first seized all
enrichment of uranium? No.
What do you mean support negotiation?
What are we going to negotiate about?
What I would say is, listen, you see that desert out there?
I want to show you something.
You pick up your cell phone and you call somewhere in Nebraska and you say, okay, let it go.
So there's an atomic weapon goes over ballistic missiles
in the middle of the desert
that doesn't hurt a soul.
Maybe a couple of rattlesnakes
and scorpions or whatever.
And then you say, see,
the next one is in the middle of the river.
The CEO of Las Vegas Sands,
a multi-billion dollar company,
just casually suggests that the U.S.
should send nuclear weapons
into the Iranian desert as a warning shot,
following up with a message that the next one will be aimed straight for Tehran, the capital.
It's bold, blunt, unashamed.
Sheldon had just dropped a verbal bombshell.
While the collection of students at the talk seemed to respond warmly to his comments,
Philip Weiss was in the audience recording the response on video. While the collection of students at the talk seemed to respond warmly to his comments,
Philip Weiss was in the audience recording the response on video.
Philip runs a website called Mondo Weiss, which some say is controversial.
Many critics have said the stories posted to Mondo Weiss are anti-Semitic and cause controversy. And it's possible that if Philip wasn't there recording this, The story would have ended right here.
But because Philip was there, and he caught this on video,
and he's a popular journalist, the story does not stop here.
He posted his video to his website, MondoWise, the following day.
The national media ate it right up.
The Washington Post, Huffington Post, The Atlantic, Mother Jones, and BuzzFeed News all picked up the story and had
it up on their website within hours. Most reports featured the full video, enabling readers to
listen for themselves. It turned out it wasn't just the general public who were listening.
A month after the comments aired, Supreme Leader of Iran responded directly. He told students in
Iran that America should, quote, slap these parading people and crush their mouths, unquote.
The Iranians were not happy with Sheldon Adelson.
This episode is sponsored by Shopify.
The new year is a great time to ask yourself,
what if?
When I was thinking, what if I start a podcast,
my focus was on finding a catchy name,
some cool stories, and working out the best way to record. But oh, so much more goes I start a podcast? My focus was on finding a catchy name, some cool stories,
and working out the best way to record. But oh, so much more goes into making a podcast than that.
If you're thinking, what if I start my own business? Don't be scared off, because with
Shopify, you can make it a reality. Shopify makes it simple to create your brand, open for business,
and get your first sale. Get your store online easily with thousands of customizable drag and
drop templates, and Shopify helps you manage your growing business. Get your store online easily with thousands of customizable drag and drop templates.
And Shopify helps you manage your growing business.
Shipping, taxes, and payments
are all visible from one dashboard,
allowing you to focus on the important stuff.
So what happens if you don't act now
and someone beats you to the idea?
The best time to start your new business
is now with Shopify.
Your first sale is closer than you think.
Established in 2025.
That has a nice ring to it, doesn't it?
Sign up for your $1 per month trial period at shopify.com slash darknet.
Go to shopify.com slash darknet and start selling with Shopify today.
Shopify.com slash darknet.
One of Sheldon's properties is called Sands Bethlehem.
But this is not the Bethlehem that's in Palestine.
Sands Bethlehem is in Pennsylvania, United States.
It's about two hours north of Philadelphia.
This casino is nowhere near the Las Vegas mega resorts,
but it still has 300 rooms and 3,000 slot machines.
And two months after Sheldon's comments about Iran were broadcast,
the IT team in the Sands Bethlehem Resort saw some worrying activity on their computer network.
Someone had scanned their network
to see what Sands Bethlehem had on the internet.
And they found the usual stuff that you'd see a company has,
web access to email and external websites for customers,
and a VPN.
This VPN was for remote workers who could securely connect into the network and then they'd get access to
the internal network. So if a hacker could get into this VPN, they'd have inside access to the
network. So the hackers started trying to guess the passwords to some VPN users. They tried root,
admin, password one, sans, and a bunch of common passwords. When that didn't
work, they tried more complicated passwords like using special characters and numbers.
They tried hundreds and hundreds of password combinations to try to get into this VPN,
but so far they were unsuccessful. The sans IT security team is good, top notch, like hawks,
okay? They saw this, they noticed the brute force password attack, and they took action. They enabled two-factor authentication for VPN users. This
would completely remove the ability for a brute force attack to be successful, because you need
not only the password, but you also need that token code that only the VPN users would have
on their phone. So this brute force attack went on for a while and eventually died down.
The attackers weren't done.
They looked to see what else Sands Bethlehem had on the internet.
And they found a curious server was online.
When new updates would go onto the official website for Sands Bethlehem,
they'd first pass through a staging server.
And this looks like an exact replica of the live site,
but it's where new changes can be staged and there for testing purposes.
The attackers found this server, and they attempted to see if that staging server was vulnerable to some exploits.
The hackers exploited that server and gained access to it.
They were in.
But just getting into one server usually isn't enough.
You now need to figure out how to laterally move or escalate your privileges and find something else.
The hackers saw some other servers to try to get into, but they didn't have any usernames or passwords to use to try to log
in. So they use a tool called Mimikatz. Mimikatz is an incredible hacking tool. Here's how it works.
On a Windows computer, when you log into it, it stores your password in clear text in the RAM.
And that's just by design. That's Windows normal behavior. And Mimikatz knows
exactly where to look to dig that password out of memory. And what this means is that if you
run Mimikatz on a vulnerable Windows computer, you will get a list of all users and their clear
text passwords that have ever logged into that computer since it's been rebooted. This is huge.
And I don't know why, but for some reason Microsoft refused to fix this vulnerability for
years. There was literally nothing you could do about it. So these hackers ran Mimikatz on this
web development server, and from there they were able to see the usernames and passwords of web
developers and IT admins for SANS Bethlehem. And these are the people who probably have access to
a lot of IT infrastructure within the network. This gave the hackers access to a lot of the
network. They quickly discovered that S to a lot of the network.
But they quickly discovered that Sands-Bethlehem
was completely isolated from the main Las Vegas Sands network in Nevada.
They could not find any tunnels or connectivity between the two locations.
The hackers were on some kind of mission,
and access to the Sands-Bethlehem network was just not good enough.
They needed access to the main data center for all of Las Vegas SANS. They looked at the usernames and
passwords that they harvested through Mimikatz and started trying to see what they had.
They found that for remote users to get in the Las Vegas data center, there was a VPN for them
to connect to. So the hackers tried these usernames and passwords they had from the staging server to
try to connect to the main data center VPN in Vegas. And sure enough, one worked. A senior SANS IT administrator had visited
the Bethlehem site and did some work there recently. And now that the hackers had that
person's login information, they were able to use it to get into the main Las Vegas network.
And from here, the hackers analyzed the network and established a firm foothold in it, and they gave themselves a persistent connection to it in case that password was to change.
The hackers continued to analyze the network and building a map of what was there, and they were very quiet the whole time and were careful not to raise any alarms.
A few weeks later, on February 10, 2014, the hackers made their move.
Inside the LVS network, they set off a piece of code, custom written in Visual Basic, a wiper code with the goal of destruction.
It worked its way through the network, accessing, copying, and deleting all the data as it went.
The data wiped from the hard drive was replaced with useless nonsense code, making it almost impossible to recover.
While the wiper code silently crept through the network,
staff computers started crashing,
phone systems stopped working,
and IT teams were flooded with calls telling them the same thing from frantic staff members.
For a network the size of LVS,
where they had thousands of staff and computers and communication systems,
this was probably the absolute worst nightmare for the IT security team.
Computer systems at LVS were in total chaos.
The cyber incident responders who worked at LVS kicked into action. The analysts were sent off to figure out where the attack was coming from and how to block its path. And hundreds of IT
staff at Las Vegas SANS were working together to try to protect the valuable servers, the data
centers, the networks, and LVS itself. By the afternoon of February 10th, IT security staff
realized that hackers were in the network. File logs told them that sensitive files were being
compressed and downloaded. Not only had the networks been breached and firewalls been knocked
through and servers exposed, but hackers were now actively downloading the data on customers and guests and staff and gamblers.
Like the exclusive invitation-only members list.
It was stolen.
Social security numbers were stolen.
Driver's license details were stolen.
The list goes on and on.
But while sensitive data was being stolen, what the IT security engineers had to focus on
was keeping those critical systems up so that the casino and hotel could stay operational. The gaming tables and slot machines and access to hotel rooms and
electronic door codes and the retail outlets and the elevators leading to the 50 different floors,
payment stations, card machines, and all that relies on a stable and functioning network.
But the network was crumbling away like a sandcastle falling over. Las Vegas Sands,
the biggest casino operator in the world,
had to consider that they might have to stop everything
and tell their visitors to leave and close the doors.
At this point, realizing the scale of the hack and the seriousness of it,
Sands president Michael Levin ordered IT system staff to sever LVS from the internet entirely.
This was a desperate bid to stop the attack
and limit the damage.
The 10 websites owned by LVS
did not escape the hacker's attention.
In the blink of an eye,
the Las Vegas Sands websites
were morphed into something entirely more sinister.
The LVS websites had a message emblazoned across it saying,
encouraging the use of weapons of mass destruction
under any condition is a crime.
Another website said,
damn, eh? Don't let your tongue cut your throat. By now, there was no question that this cyber
attack was personal. And while all this was happening behind the scenes, the functioning
of the Venetian and the Palazzo in Vegas did continue with guests in and gamblers blissfully
unaware of what was going on. Because of the determined efforts of the security IT staff
and the fact that hackers missed the IBM mainframe,
guests were able to continue gaming, access their hotel rooms,
and purchase things from the retail stores.
But the IT staff made a strategic move to go to the data center
and start unplugging key servers entirely to stop this wiper virus from spreading to them.
So the network engineers began frantically pulling Ethernet cables from servers. This wiper
virus was on a mission to infect and spread to as many systems as it could
and delete the data on those computers, targeting just Windows machines. So this
meant that users' computers were going down and servers that run Windows like
SharePoint and email and shared drives were probably going down.
Early on in this attack, the wiper virus hit the Active Directory server in Las Vegas and completely wiped it out.
And it then tried to spread to the SANS properties in China and Singapore to wipe them out too. But by knocking out the Active Directory server in Las Vegas, it completely severed the connections to China and Singapore.
And so by complete accident, it made
those networks safe from this attack. This destruction was confined to just SANS Bethlehem
and the main network in Las Vegas. The next day, the Las Vegas SANS websites were just offline
entirely. Physical hardware had been disconnected, cables were pulled out of machines, and the LVS
servers were compromised. It took the IT security team, which might be as high as 1,000 members strong, almost a full week to re-establish connections
securely to get Las Vegas back up and running fully. This outage was noticed by some people,
so publicly the company spokesperson had to say something to reassure their customers,
if nothing else. And they chose to play down the attack by announcing it was just vandalism
targeted at their websites and some damage to the background office systems and emails.
But when the hackers heard this, it didn't sit well with them.
The hackers responded with a 10-minute long YouTube video highlighting Sheldon's exact comments
and showing a number of files and folders and passwords and details that they had accessed and stolen during the attack.
They wanted the world to know that what they were doing is much more than mere vandalism and the reasons why they were doing it. But that video was removed by law enforcement
very soon after it was uploaded, but not before it had been viewed a few thousand times.
The cyber attack on LVS was clearly designed to immobilize and destroy as much of their server
and network capacity as possible. The goal here was to hit Sheldon Adelson right where it hurt
the most. So who did it?
The messages left on the defaced LVS website provide the first obvious clue.
Sheldon's comments about nuclear weapons in Iran clearly provoked some anger there.
In 2015, a year after the attack, U.S. Director of National Intelligence James Clapper addressed this exact hack in a Senate hearing.
Here he is.
2014 saw, for the first time, destructive cyber attacks carried out on U.S. soil by
nation-state entities, marked first by the Iranian attack against the Las Vegas Sands
Casino Corporation a year ago this month, and the North Korean attack against Sony in November.
These destructive attacks demonstrate that Iran and North Korea are motivated and unpredictable cyber actors.
Whoa, whoa, this is crazy. While LVS itself refused to address that this cyber attack even
occurred publicly, here we have through an official channel that not only was LVS a victim
to a cyber attack, but James Clapper is saying that the people who did it was the Iranian
government itself. Not just some activists, but this was carried out by like the Iranian military or something.
And this raises all kinds of new questions.
Why would a government spend resources to attack a private company?
Was this the same wiper virus that Iran used to attack Saudi Aramco?
Why didn't the Iranian government take credit for this attack?
But then on top of that, Director Clapper said that this was the first ever destructive cyber attack on U.S. soil that was conducted by a nation-state actor.
I think the key word here must be destructive. In episode 19, I go over an attack that China
did on Google back in 2009. And you can even go back 30 years ago to an attack called Moonlight
Maze, which was Russia hacking into a U.S. Air Force base. But I guess
those weren't destructive in nature. Maybe this was the first ever destructive cyber attack on
U.S. soil done by a nation-state actor. But if the Iranian government is behind this, it's
interesting because Stuxnet was a U.S. attack on Iranian soil. And maybe this is Iran kind of
flexing a little, showing that they have cyber attack capabilities.
And this is kind of a response to Stuxnet.
But if that's the case, it's really troubling that a private company has to face the wrath of a nation-state actor.
But it's really hard to know exactly what the motives are behind this attack.
Was it just a simple provocation that Sheldon did?
Or was there something more to this?
For LVS, even though we know where the hack came from, I still can't get over the fact that the CEO of a Fortune 500 company managed to talk himself into this huge amount of destruction
and damage. The attack on Las Vegas Sands wiped out almost 75% of the company's networks and
servers, rendering much of their equipment and workstations useless, and valuable data was just
wiped. But the damage went deeper
than some crashed computers. Sands president Michael Levin confirmed it took more than $40
million to fix the damage by building new systems and recovering from the data lost.
This was no small cyber attack, and if the hackers' intention was to disrupt and destroy,
they achieved their aim. Las Vegas Sands were keen to keep the details of this attack under wraps,
which they managed to do so for almost a year.
But there was an article in Bloomberg Businessweek that exposed the hack and laid bare the true scale of this attack.
But neither Sheldon Adelson or any LVS spokesperson commented on this article at all.
People kept pressuring LVS to say something about the remarks that Sheldon said about Iran.
So a spokesperson did say something in the Las Vegas Review-Journal, which is a newspaper that Sheldon said about Iran. So a spokesperson did say something in the Las Vegas Review Journal, which is a newspaper that Sheldon owns. And the spokesperson said that Adelson's
comments were not meant to be taken literally. He was simply trying to say that actions speak
louder than words. But I think the moral of the story here is that words matter. Las Vegas Sands
did eventually confirm that they suffered a large-scale cyber attack in February 2014 and named its computer networks in the U.S. as a target.
In their annual report of 2014, it said both the FBI and the U.S. government were investigating this sophisticated cyber attack
and were working with IT system experts to investigate what had happened.
In the years since this hack, LVS has made no further comments.
The IT security teams like the one in the Las Vegas Sands
have their work cut out for them
for battling against such sophisticated threats
and hackers who seek to destroy rather than steal.
And when the CEO of a company speaks publicly
and gives such incendiary remarks,
there are risk assessors within a company
that might tip off the security team
to let them know the risk profile is higher than normal
and they need to secure the networks and servers
to be a little bit more tighter and protected. But when hackers are playing the long game, watching and monitoring
and lying in wait, and when they do get in and wreak the kind of destruction and havoc they did
here, it leaves an almighty mess for even the biggest and best IT security teams to clean up.
You've been listening to Darknet Diaries if the show brings value to you please consider donating to it through patreon and there you can get a bonus episode and ad free feed and stickers
this episode was created by me just a plain old sock monkey jack reciter and got some writing and
research help this episode from fiona guy and the theme music is created by the beat farmer
breakmaster cylinder see you in two weeks.