Ransomware attack at Federal Group Casinos

Tasmania’s Federal Group, and the only casino operator in the state, have confirmed a ransomware attack late at night on 3rd April impacted its poker machines and hotel booking system. Both the Wrest Point and Launceston Country Club casinos were forced to shut down their gaming machines but were able to restart table games quickly. Ransomware is a type of malware that encrypts a business’s files, with the attackers demanding a cryptocurrency ransom to be paid in order to restore access to the files. It is common that the data is never returned to the business even after they make ransom payments.

It has been claimed by ABC news that several former IT employees at the Federal Group believed the hackers had accessed historical credit card details stored in the hotel booking system and the gaming systems installed at the casinos. This has not been confirmed by the Federal Group.

In modern systems this confidential customer data is only stored after extensive encryption efforts are made on the raw data, but many club and casino systems were not designed with such complex precautions in mind.

Federal Group executive general manager Daniel Hanna said the company was taking the matter “extremely seriously” and had shut down some of their services as a “precautionary measure”.

“We are doing this to ensure that the integrity of our systems and data is maintained at all times,” Mr Hanna said.

International privacy and security consultant Terry Aulich, a former federal senator and Tasmanian minister, said gaming and gambling organisations would be “high on the list” to be targeted by hackers.

Mr Aulich did not comment directly on the Federal Group hack but said restoring services for a victim of ransomware could take several weeks.

Safeguarding your business

In Australia, Secom Technology is a specialist IT company, focusing on hospitality industry IT security needs utilising the Untangle NG Firewall solution. This is a sophisticated and flexible app-based firewall solution that protects customer data in POS and gaming systems, includes intrusion protection that blocks hacking events such as ransomware and phishing attacks, allows for network wide usage policies even when staff and customers access the internet through your business Wi-Fi from their own devices, and is flexible enough to grow along with your hospitality business needs.

 About the Untangle NG Firewall solution

Managing your network and ensuring every device is adequately protected can be a complex and costly task. Untangle’s NG Firewall simplifies network security with a single, modular, software platform designed specifically for businesses such as pubs and clubs with limited IT resources and budgets.

Untangle NG Firewall provides a browser-based, responsive and intuitive interface enabling you to quickly gain visibility into the traffic on your network. This includes a dashboard that attaches the reports your business requires as widgets for fast visibility.  From content filtering to advanced threat protection, VPN connectivity to application-based shaping for bandwidth optimization, the Untangle NG Firewall delivers a comprehensive, enterprise-grade network security platform.

Some of Untangle’s NG Firewall features include:

Safe and secure Wi-Fi

Wi-Fi is now the top amenity customers want. With Untangle, customers will have the convenience to safely go online wherever they are located in your venue. Basic Internet access can be provided for free, and if higher bandwidth is needed, tiered service offerings can be made available. For back-office operations, the system can prioritise Internet traffic for administration tools, point-of-sale and more.

Protecting purchases and customer information

Mobile payments, such as Apple Pay have become increasingly popular but as a small/medium business, network security is crucial. Untangle’s security solution ensures that businesses can provide customers with streamlined and protected purchases both online and in person.

Ransomware and virus prevention

Intrusion prevention blocks hacking attempts before they reach internal servers and desktops. Untangle’s pre-configured signature-based IPS makes it easier for administrators to provide 24/7 network protection from hackers. Modern malware threats target servers, laptops, tablets, and even mobile phones. While it is important that all of these devices have end-point protection—with the latest versions of software and virus signatures—you may struggle with control over these devices as they connect offsite to unsecured networks, then return to your network with malware on board. You need a first line of defence.


Drawing the line that separates internal and external networks, Firewall filters traffic based on IP address, protocol and port, which enables administrators to designate which systems and services (HTTP, FTP, etc.) are publicly available. Firewall can be run as a transparent bridge to complement a pre-existing firewall and allows you to control inbound and/or outbound access to specific IPs and ports.

Phish blocker

Identity thieves are becoming increasingly sophisticated with email and website spoofs that are nearly impossible to discern from the real thing. Phish Blocker protects users from email phishing attacks and fraudulent pharming websites.

Mobile policy enforcement

Mobile devices are inherently promiscuous, connecting via cellular and Wi-Fi networks that may or may not have sufficient security protocols in place. You work hard to keep threats off devices connected to your local network; be sure those same devices aren’t left exposed when they’re in the wild.

It can happen to any hospitality business that is not properly protected.

The poker machines at Wrest Point (650+ machines) and Launceston Country Club (530+ machines) have been switched off for over 10 days while management deals with the issues related to the recent hacking event. The cost of this ransomware issue is significant in lost gaming income, expensive investigations into where the hacking event originated, enforced reporting to government agencies, and customer service issues relating to hotel bookings and restricted gaming facilities.

Prevention would certainly have been less costly than the cure.

To investigate how Untangle NG Firewall can prevent these issues in your business contact:

Jason Drew

Secom/Sint – Phone:  1300 781 224


Sources for Federal Group ransomware attack: