Most gamblers were still asleep, and the gondoliers had yet to pole their way down the ersatz canal in front of the Venetian casino on the Las Vegas Strip. But early on the chilly morning of Feb. 10, just above the casino floor, the offices of the world’s largest gaming company were gripped by chaos. Computers were flatlining, e-mail was down, most phones didn’t work, and several of the technology systems that help run the $14 billion operation had sputtered to a halt.
Computer engineers at Las Vegas Sands Corp. (LVS) raced to figure out what was happening. Within an hour, they had a diagnosis: Sands was under a withering cyber attack. PCs and servers were shutting down in a cascading IT catastrophe, with many of their hard drives wiped clean. The company’s technical staff had never seen anything like it.
The people who make the company work, from accountants to marketing managers, were staring at blank screens. “Hundreds of people were calling IT to tell them their computers weren’t working,” says James Pfeiffer, who worked in Sands’ risk-management department in Las Vegas at the time. Most people, he recalls, switched over to their cell phones and personal e-mail accounts to communicate with co-workers. Numerous systems were felled, including those that run the loyalty rewards plans for Sands customers; programs that monitor the performance and payout of slot machines and table games at Sands’ U.S. casinos; and a multimillion-dollar storage system.