Attendees of a cybersecurity conference had mixed reactions to a Las Vegas hotel-casino conducting daily room inspections as a response to their presence in town.

Several Def Con 32 participants staying at Resorts World casino-hotel said they were being treated as criminals because they chose to attend a hacking convention. Others said they understood the casino’s position, even if they disagreed with its effectiveness.

“(Security) had no idea what they were looking for,” said Korvin Szanto, of Portland, Ore. “They knocked and came in, and showed me a big, long list of stuff that they wanted to look for. It had things like random cables and a USB thumb drive. I said ‘You have these things.’”

Szanto took the hotel room inspection in stride. As a multiple-time attendee of Def Con, the longest-running and largest hacking conference in the United States, he said other Las Vegas casino hotels have done similar searches in years past.

Room inspections have become more commonplace

Hotel room inspections in Las Vegas have become more commonplace after the Route 91 Harvest festival shooting in 2017.

“It’s typical. It’s happened to me before at Paris and at Caesars (Palace),” Szanto said.

Resorts World Las Vegas informed most guests - although not all - that it would conduct daily “scheduled, brief visual and non-intrusive” inspections in response to a “well-known hacking convention” in town. The hotel room searches reportedly began on Aug 5, at the start of another hacking convention taking place across town.

A spokesperson for MGM Resorts International, the largest hotel-casino operator on the Strip, said they were not doing anything different this week regarding room inspections at their Las Vegas properties. Caesars Entertainment didn’t immediately respond to a request for comment.

The Black Hat USA convention was at Mandalay Bay casino-hotel last week. Def Con 32 ran through last Sunday at the Las Vegas Convention Center.

“These inspections are a standard practice in many of Las Vegas’ premiere hotels, particularly during periods of increased foreseeable risk, where vigilance is critical. These inspections are a precautionary measure intended to enhance our on-site security presence (both physical security and cybersecurity), maintain the integrity of our property’s services, and safeguard our guests, business partners, and staff against potential cyberattack threats,” Resorts World said in a statement.

Resorts World said its inspections will be done with the “highest respect for our guests’ privacy and convenience, following strict protocols to ensure minimal disruption to their stay.”

A letter distributed to hotel guests said that rooms with a privacy/do not disturb sign will still be subject to daily inspections.

‘It’s kind of an invasion of privacy’

Matti Raubasojia, of Finland, said his hotel room at Resorts World had been searched while he was out. Raubasojia suggested that if the casino hotel was that concerned about cyber incidents, it might want to consider hiring Def Con attendees rather than singling them out.

“I don’t know what they’re looking for anyway,” he said. “(But) the conference covers both sides of cybersecurity. A lot of the guys (there) are also defending attacks, like the MGM case or whatever they’re using to justify this.”

The Strip’s two largest casino-hotel operators, MGM Resorts International and Caesars Entertainment, were victims of cyber attacks in 2023. Caesars paid a reported US$15mil ransom to minimise disruptions, while MGM balked at being black-mailed and suffered through weeks of operational interruptions.

Chandler Emhoff, of Ohio, was attending Def Con for the first time and the hotel’s room inspection policy did not make for a good first impression of Las Vegas.

“It’s kind of an invasion of privacy,” he said. “(They’re) stereotyping us as criminals because we’re here for a hacker convention.”

Emhoff, like many other Def Con attendees, took umbrage with the casino-hotel’s apparent lack of understanding about what tools a cybercriminal would use.

“It doesn’t make a whole lot of sense,” he said. “They say they’re looking for some sort of hacking tools or something like that. But what does that look like? It could look like anything. It could be my computer, you know. And like I said, I don’t think they would know what they’re looking for. Even if they did see something, I don’t think they would know it.”

 - TNS