Inside Asian Gaming

IAG FEB 2022年2月 亞博匯 94 ALL-IN DIGITAL cybercriminals with limited technical knowledge to execute ransomwareattacks in return for a percentage of each successful ransom payment obtained using the software, which accrues to the original ransomware developers. The volume of security intrusions conducted by these affiliates in RaaS attacks may potentially overwhelm an organization’s threat detection defences, leaving the network under-resourced to identify and protect against more complex and critical cyberattacks. DATA THEFT INCIDENTS The value associated with customer data in the gaming industry continues to provide incentives to cybercriminals to perpetrate data theft and data breach incidents. In 2021, the dark web saw a consistent stream of both Chinese and English-language threat actors post for sale customer personal data, including personal informationand financial details, taken from the databases of online gaming companies and platforms. Hospitality Given the nature of the IR industry, data and personal information concerning patrons has always been considered especially sensitive and the potential threatofopenpublicationinaransomware incident presents a critical concern. 鑑於IR行業的性質，與顧客有關的數據和個 人訊息一直被視為特別敏感的，而在勒索軟 件事件中，相關數據或會公開洩露，這是一 個嚴重的潛在威脅。 務定義的恢復要求。對於IR而言，相關 挑戰尤其嚴峻，因為其不少企業工具和 系統的實施橫跨不同團隊以管理數據， 每個團隊都有自己的安全和存取設置。 這種分散的系統集合為同一時間審視各 種技術的狀態和控制設置帶來了問題， 增加企業的IT營運面對精心策劃的網絡 攻擊時的風險。 隨著勒索軟件即服務（RaaS）的發 展，勒索軟件攻擊發生的可能性或會在 未來激增。RaaS是一種軟件交付模式， 以分成制度為科技知識能力有限的網絡 犯罪分子提供現存的勒索軟件工具，使 其執行勒索軟件攻擊，從以換取犯罪分 子使用該軟件所成功獲得的每筆贖金的 一定百分比，相關分成亦會分給原勒索