- Details
- By Chez Oxendine
- Economic Development
Tribes are staring down a growing cybersecurity crisis, with data breaches now costing an average of $4.88 million per incident — and rising.
Accounting and advisory firm REDW shared the alarming figure during a recent Tribal Hospitality and Gaming webinar aimed at tribal governments and enterprises increasingly finding themselves in hackers’ crosshairs.
“We definitely hear about it more often lately — 100 percent,” webinar participant Jennifer Moreno told Tribal Business News in a follow-up interview. “It works and the attackers make a lot of money off of it.”
The threat has already disrupted major tribal operations across Indian Country. In April, hacker group RansomHub successfully compromised the Lower Sioux Indian Community’s Jackpot Junction casino.
Just two months earlier, the Sault Ste. Marie Tribe of Chippewa Indians was forced to shut down all five of its Kewadin Casino locations, with tribal governement services also paralyzed by the attack.
(L-R) Trisha Widbrand, Jennifer Moreno of REDW
These incidents aren’t isolated. Since 2021, cyberattacks have struck the Cheyenne and Arapaho Tribes’ Lucky Star Casinos in Oklahoma, the Nez Perce Tribe’s gaming operations in Idaho, and the Yocha Dehe Wintun Nation’s Cache Creek Casino in California, according to previous reporting by Tribal Business News.
Tribal enterprises have become prime targets as their digital operations expand alongside growing revenues, according to Moreno and her REDW colleague, Senior Cybersecurity Advisor Trisha Wilbrand. What's particularly concerning for tribal leaders is how these attacks can quickly spread from casino networks to critical government and health services sharing the same infrastructure.
Ransomware — where attackers encrypt crucial data and demand payment for its release — remains the weapon of choice. Even when tribes pay up, there's no guarantee of safety.
“People who are installing ransomware are not necessarily likely to keep promises,” Moreno said. Beyond demanding payment to restore encrypted data, hackers often copy sensitive information for later sale on the dark web — creating potential regulatory and compliance nightmares for tribal entities handling personal and financial data.
“You really need to be prepared to not ever let it get to that point,” Wilbrand said. “I don’t feel like these attackers have a lot of integrity.”
For tribal leaders weighing their options, REDW's data showed a clear financial incentive for preparation: organizations with established incident response plans saved an average of $2.03 million per breach compared to those caught unprepared.
The most effective defense starts with awareness programs targeting common attack vectors, including fake account suspension notices, fraudulent invoices, package delivery alerts, and spoofed HR department emails.
"We recommend monthly training, but it should be done at the very least yearly," Moreno advised. "It needs to be mandatory, and then you need to do mock phishing campaigns to see what people are falling for — are they clicking links? Are they scanning codes?"
Beyond prevention, tribal enterprises need comprehensive recovery protocols including regular data backups, breach identification training, and detailed documentation procedures, according to REDW.
“Recovery isn’t simply about returning to normal operations - it’s about emerging stronger and more resilient,” the company wrote in a playbook provided during the webinar. “...all successful recoveries share one common element: thorough analysis and strategic improvement.”
