As John Chambers, former CEO of Cisco, said, “There are two types of companies: those that have been hacked and those that don't know they have been hacked.” This statement has never been stronger in Colombia than on September 12, 2023, when the country woke up to the digital chaos of an unprecedented cyberattack that left more than 70 digital services of the national government and several private entities offline.
What initially appeared to be a technical inconvenience quickly turned out to be a sophisticated and devastating cyber operation, exposing the vulnerability of our digital infrastructure.
The worrying issue for various people who work in cybersecurity was the poor communication of the incident by the provider IFX Networks, which published a statement that did not give many clues.
The government acted correctly by convening cybersecurity capabilities, including the support of the Colombian Cyber Emergency Response Group (COLCERT) and the Computer Emergency Response Team (CSIRT) associated with the Presidency, as the creation of a PMU (Unified Command Post), with different actors including MINTIC.
Identification of the adversary
Three days later, on September 15, COLCERT and CSIRT Presidency issued an official statement, called the context of the incident. The diagnosis: a ransomware known as MarioLocker. This threat was not unknown in the world of cybersecurity. With more than 459 incidents globally. «COLCERT, through its Cyber Threat Intelligence analysis, identified linked artifacts that indicate possible vulnerabilities that could be exploited by third parties. These vulnerabilities can affect devices and assets related to cloud resources, as Microsoft notes. The spread of the threat can impact services linked to information systems and remote connection tools in virtualized environments,” reads the report.
This already showed several issues: cybercriminals were able to take advantage of the vulnerabilities of virtualized environments, and strategically plan the cyberattack. Such as the lack of continuity strategy of public and private entities and the service provider. The damage is incalculable due to the lack of availability of information. This is the biggest 'scar' left by the crisis of recent weeks. All of this vital data is something that the government will have to identify, as many entities were unable to access the information for more than 8 days.
Establishing consequential damage and lost profits is presented as a monumental challenge, mainly because we do not have a precedent for an attack of this magnitude and nature.
Some causes behind the attack
Several factors contributed to the magnitude of this cyberattack. First, it is good to highlight something that has not been mentioned and that is that Colombia has had an MSPI model for years that includes documentation, standards and procedures on cybersecurity issues. Likewise, in the MSPI model, you can even find the incident report formats.
Saying that there are no processes and documents is false. The Colombian model is good in documentation, the problem is that controls failed in several processes.
Some of the causes of the attack can be reflected in topics such as:
1- Lack of backup copies and continuity strategy The resources were literally in the same place. This means that some entities do not have easy access to backup copies. The IFX Networks incident revealed a critical vulnerability in many entities' data backup strategy: all their data, including backups, was stored in the same cloud. This concentration of information at a single point of failure underscores the importance of diversifying storage and backup strategies to ensure business continuity in the face of attacks. The absence of simulation exercises was strongly manifested: the real attack became the crudest and most revealing simulation, evidencing failures in RPO (Recovery Point Objective) and RTO (Recovery Time Objective).
2- Prioritizing price over security In some cases the Colombia Compra Eficiente pricing framework clouds were purchased at a lower price, but not with better information security. It is worth reviewing the model in terms of cybersecurity; in the existing catalog, security should prevail rather than price.
3 –Vulnerability management Everything indicates that cybercriminals exploited a specific vulnerability related to virtualization in the IFX Networks infrastructure. This breach, apparently not properly managed, allowed unprecedented access to the systems, revealing a lack of proactive strategy in vulnerability management. Controls on cloud providers must be increasingly stricter and ethical hacking tests, vulnerability analysis and controls must be constantly demonstrated in all environments.
4 –Communication management During the incident, IFX Networks' communication processes left much to be desired. Despite the magnitude of the attack and the implications for numerous entities, the information provided was scarce and, at times, late. It was not until September 19 that clearer and more detailed statements about the situation began to emerge.
The lack of transparency and intermittency in the availability of its website in the previous days only intensified the uncertainty and concern among the affected entities and the general public. Timely and clear communication is essential in times of crisis, and in this case, a notable deficiency in that regard was evident. On September 21, 2023, the company reported that it had managed to restore services for 90% of its customers, with the expectation of a full recovery soon.
5 –The evolution of Ransomware Which has been evolving over the years, making its anatomy more and more specialized, cybercriminals could take advantage of vulnerabilities and achieve their objectives. According to reports from cybersecurity companies, such as Sophos, ransomware attacks are becoming increasingly specialized. In fact, in 76% of cases, cybercriminals manage to successfully encrypt their victims' data, evidencing a growing sophistication in their methods.
6 – The response and implications for the future Although the provider has announced the solution to the recent cyberattack, the outlook still presents uncertainty. Since September 18, the Ministry of Information and Communications Technologies (MinTIC) has expressed in different media its decision to take legal action, which predicts a period of analysis and possibly litigation. At the same time, authorities are increasing surveillance on the dark web, looking for signs of leaks that may be linked to the incident, but this is just beginning. Sometimes the information is leaked months later and the patience of a cybercriminal is their greatest virtue. It must be investigated with cyber intelligence and OSINT. This is what is coming in the next few days to establish if any type of information could have been exposed. It is good to establish whether IFX performed any computer forensics to establish all the context.
Likewise, it is not clear if the company had any type of insurance policy or what it is doing for the investigation process. Only IFX Networks and the cracker group truly know the depth of the access and what information was compromised. Time will undoubtedly reveal the truth.
At the end of the day, there are two types of companies: those that have been hacked and those that don't know it yet. But to this reality, we add a third type: those hacked that demonstrate capacity and resilience in their response.
While the government, the EPS, the IPS and the users of the health service confront each other with the aim of obtaining greater resources, coverage and better provision of services, an initiative that is beginning to be cooked in Congress is advancing firmly and in consensus. with the support of President Gustavo Petro, his government team, several parliamentarians and others linked to the health industry, to solve the sector's deficit.
“It cannot be that while the health sector faces a budget crisis, the government seeks reform and needs resources, the EPS are suffocated and many are on the verge of bankruptcy, just like the IPS, and people continue to die at the doors of hospitals. or are dying while waiting for a medical appointment, sports betting and other online betting entrepreneurs are getting rich and, what is worse, squandering millionaire resources that would serve to save lives or at least improve the quality of life of many Colombians.” This is how the senator who presented the project expressed it.
After the parliamentarian's first technical and economic studies, it was concluded that online sports betting and other virtual bets, which have seen notable growth in recent years, provide a new contribution to health. It is complementary to the health reform that begins its debate in the Senate in the legislature that begins next February 16. It also generates unity because it can prevent a new tax reform since it will inject millionaires and new resources into the sector.
The approach considers that although the companies that operate sports betting and other online betting have low taxation and hence their billion-dollar income and profits, although they contribute to the State in taxes, it is not proportional, especially in the context of a health sector in crisis. due to lack of resources.
After substantiating the initiative, President Gustavo Petro learned about the project and agreed to process it in the Congress of the Republic.
Official estimates in 2023 show that the income of the betting sector approached $30 billion, the equivalent of the income of two tax reforms and for 2024 the estimated income projection could reach $32 billion. In contrast, Coljuegos' official balance in terms of transfers to the health sector from January to August 2023 was $564,000 million.
Coljuegos and the gambling industry have been immersed in a frontal fight against all forms of illicit activities and it has cost too much to have a reputation for transparency and good practices among all actors, as always. I have expressed it.
In the crusade that Coljuegos is carrying out against illegal betting and Chance, the interference and direct management of criminal gangs and armed groups that affect the business is evident in each operation, which was in the news this past weekend when the same Coljuegos press room , gave a good account of an operation carried out at the site where a brothel called the swimming pool operated and which had been converted into an online betting site and operated some slot machines, managed by one of the sector's gangs of Venezuelan origin.
In that order of ideas, the so-called infamous draft that Coljuegos published on December 7, 2023 aims to hand over the operation of all the illegal machines on the street to these gangs under the pretext of favoring shopkeepers with a study plastered with snot from the year 2018. , which was made before the quarantine and is not ideal to demonstrate the reality of the market 6 years later.
Marco Emilio does not bother to hide his veneration for permanent betting companies and their vertical businesses and his clear intention to facilitate and lighten their burdens is evident; In the Coljuegos reports, the prominence is always the contributions of the sports bets, the permanent bets, the prize he received from the permanent bets, the trip that the permanent bets sponsored to Las Vegas... and the localized ones who are the ones. we contribute more, there!
Mayors of the country have denounced that even the FARC ( illegal armed group named terrorist by US government ) are in charge of the illegal Chance in the regions of Tolima, Sucre and Nariño and this is well known by Coljuegos, so how do they intend to not respect resolution 2016000006944 that regulates the machines on the route and that has not taken off? because of the entity itself.
Be careful that this great goal is for the entire gaming industry, Coljuegos headed by Marco Emilio could open the entrance to money laundering from the street, I know that we all know that it is true. What how? Well, it's simple, if the machines that leave the casinos and the spells end up there, there is no way to control them. However, resolution 2016000006944 is very clear and concise and describes perfectly how the development of these elements should be, going through a laboratory and so Coljuegos knows every move, something very different from the Online systems that transmit from a Casino, since the design of these machines is server-slave and the entity has access to the program and the soul of the system.
How are we in the companies with the lack of leadership and proactivity of Coljuegos with the permits, are we going to have to fight against the mafia whatever it may be?
…Hey! Batteries that piss us all off.
In March 2022, then Chinese Vice Premier Han Zheng, when meeting with a delegation of Macau representatives to the Chinese People’s Political Consultative Conference, expressed three hopes for the SAR, among which was assisting the Government in the amendment work of the city’s gaming law. The Vice-Premier could not have been more explicit in wishing that the local Government would do “a good job in amending the gaming law.”
It was one of the first times that a top leader in Beijing referred to the issue of gambling so explicitly. It will be said that other leaders, starting with President Xi Jinping, had already mentioned the issue beforehand, but just pay attention to what Xi said in 2014 (“it is necessary to better regulate the gaming industry” [with] “courage and wisdom”) to understand the differences.
Among the topics worth highlighting are: “cleaning up the entire casino sector; punishing those casino capitalists who crossed the border and committed cross-border crime as it is illegal to gamble in mainland China including marketing activities and online gaming or regulating the role and financial background of intermediaries or junkets in the casino industry.”
Considering the most important point, “diversifying the economy into new sectors without explicit heavy dependence and sole reliance on casino-driven capitalism, with the building up of Hengqin-Macau cooperation zone as a way out of the impasse.”
In other words, the law in force (“Amendment to the Gaming Law, 7/2022”) and the subsequent international tender were tailored to China’s requirements. That’s why Nelson Rose, a US-based leading gaming law expert, and with in-depth knowledge of Macau, states that “the influence of the PRC was not hidden.”
“Beijing tolerates Macau casino capitalism to persist, but the conditions were laid out very clearly just a year before the renewal of all casino franchises.”
At the same time, Beijing also monitors who in the mainland often gamble in Macau casinos as some mainlanders have been seen as siphoning mainland treasuries and monies out of the mainland to Macau. As such, mainland authorities see Macau casinos as having potential and hidden threats to mainland economic security.
This was also why Beijing encourages and requires Macau to diversify its economy ‘suitably,’ a code word referring to the tolerance of casino capitalism in Macau with whatever degree of economic diversification it can and will achieve.
The growth of online sports betting has had a major impact on college life in recent years, according to reports, with gambling becoming an increasing part of many students’ lives.
Some experts are reporting that the ease of wagering has made the practice second nature among a mobile phone-focused generation, and some are feeling the effects of problem gambling.
Evan Ozmat, a doctoral student in psychology at the University at Albany, launched a counseling project in 2020 to work with undergraduate students about health issues. However, gambling turned out to be a common topic.
“Since the beginning of the project three years ago, students have brought up, unprompted, gambling,” Ozmat told Time magazine. “We started asking about it in every appointment and everyone has something to say. It’s everywhere.”
More Students Booking Bets
Some experts have compared the newfound prevalence of on-campus betting to binge drinking. A recent study from the NCAA took a look at Americans ages 18 to 22 to study their gambling habits. The survey found that 60% have bet on sports with 4% admitting to wagering daily.
Another 6% reported losing more than $500 in a single day. Two-thirds of men have engaged in sports betting activities, according to the survey, as well as 51% of women.
Surprisingly, the legality of betting apparently wasn’t a factor. “Respondents living in areas where betting is legal versus those in areas where betting is illegal report taking part in each sports betting activity at nearly the same rate,” the report noted.
Reports estimate that as many as one in 10 college students are problem gamblers. Some students point to the positive aspects that come with betting, such as sustaining friendships, a love for sports, and staying invested with the on-field action.
Additionally, some note that many students do indeed bet responsibly. In the NCAA survey, about 60% of those who wagered reported betting in amounts of $20 or less. However, health experts believe this is a segment of the population to watch as sports betting continues to grow in popularity.
“It becomes a normal embedded part of the culture and that has huge implications,” clinical professor of psychiatry and head of UCLA’s gambling studies program Dr. Timothy Fong recently told. “We’ve allowed it, but have we then kept up with educating that generation about what this activity really is?”
The American Gaming Association has recently pointed to the growth of the industry in recent years. The group predicted a record number of NFL bettors for the current season and pointed to sports wagering as major driver of record revenue for the gaming industry.
When you ask me, what innovation in your products has been best received by your customers?
I assimilate this answer directly with technology, since the latest technologies and platforms have characteristics such as flexibility and scalability, which attracts many clients who take advantage of this capacity to enrich the gaming experience. Customers are attracted to casinos for the gambling, food, entertainment, and social experience. For this reason, technological innovations are not clearly the drivers or motivators of interest in casinos.
Although some of the applications that use AR/VR can improve the experience, making it more attractive to younger people, but tangible services and products must remain competitive. However, digital table games are starting to make appearances in casinos, and I think they are already challenging some of the analog formats in that they can be a gateway product. I don't see them as a replacement, but perhaps they can increase the experience for a different type of player.
Continuing this link of the types of games that have also carved out a space in casinos it is worth mentioning the skill-based slot machines, which remain challenging because they do not necessarily address the reasons why people play which is the random.
Although I don't think skill-based machines will be a significant growth area, they can add value by enriching the slots environment.
Additionally, table games satisfy the element of skill in the game, as blackjack and poker incorporate some level of skill, combining chance and decision-making to offer a truly exciting and volatile gaming experience.
Finally, omnichannel has been the industry buzzword for some time now to tie together available technology, extending services beyond your casino walls to areas that benefit from technology. A clear example of this is the use of mobile and interactive platforms, advertising them through promotions to generate loyalty.