Attendees at a cybersecurity conference had mixed reactions to a Las Vegas hotel-casino’s decision to conduct daily room inspections in response to their presence in the city.

Several Def Con 32 attendees who stayed at the Resorts World casino hotel said they were treated like criminals for choosing to attend a hacker conference. Others said they understood the casino’s stance, even if they did not doubt its effectiveness.

“(The security guards) had no idea what they were looking for,” said Korvin Szanto of Portland, Oregon. “They knocked, came in and showed me a long list of things they wanted to look for. There were some cables and a USB stick, for example. I said, ‘You have these things.'”

Szanto took the search of the hotel room in his stride. As a frequent attendee of Def Con, the oldest and largest hacker conference in the US, he said that similar searches had been carried out at other casino hotels in Las Vegas in recent years.

Room inspections have become more commonplace

Since the shooting at the Route 91 Harvest Festival in 2017, inspections of hotel rooms in Las Vegas have become commonplace.

“That’s typical. That happened to me before in Paris and at Caesars (Palace),” Szanto said.

Resorts World Las Vegas informed most guests — though not all — that it would conduct “scheduled, brief visual and non-invasive” inspections daily in response to a “known hacker conference” in town. The searches of hotel rooms reportedly began on August 5, at the start of another hacker conference taking place across town.

A spokesman for MGM Resorts International, the largest hotel and casino operator on the Strip, said they did not do anything differently in room inspections at their Las Vegas properties this week. Caesars Entertainment did not immediately respond to a request for comment.

The Black Hat USA convention took place earlier this week at the Mandalay Bay casino hotel. Def Con 32 runs through Sunday at the Las Vegas Convention Center.

“These inspections are standard practice at many of Las Vegas’ finest hotels, especially during times of heightened foreseeable risk when vigilance is critical. These inspections are a precautionary measure designed to enhance our on-site security presence (both physical security and cybersecurity), maintain the integrity of our property’s services and protect our guests, business partners and employees from potential cyberattacks,” Resorts World said in a statement.

Resorts World said the inspections are being conducted “with the utmost respect for the privacy and comfort of our guests and in compliance with strict protocols to ensure minimal disruption to their stay.”

A letter distributed to hotel guests said rooms with a “privacy/do not disturb” sign would continue to be checked daily.

“It is a kind of invasion of privacy”

Matti Raubasojia of Finland said his hotel room at Resorts World was searched while he was away. Raubasojia said if the casino hotel is so concerned about cyber incidents, perhaps it should consider hiring Def Con attendees instead of staffing them individually.

“I don’t know what they’re looking for anyway,” he said. “(But) the conference covers both sides of cybersecurity. Many of the people (there) also defend attacks, like the MGM case or whatever they use to justify it.”

The Strip’s two largest casino-hotel operators, MGM Resorts International and Caesars Entertainment, fell victim to cyberattacks in 2023. Caesars reportedly paid a $15 million ransom to minimize disruption, while MGM refused to extort and suffered weeks of business disruption.

Chandler Emhoff of Ohio was attending Def Con for the first time, and the hotel’s room inspection policy did not leave a good first impression of Las Vegas.

“It’s a kind of invasion of privacy,” he said. “They’re portraying us as criminals because we’re here for a hacker conference.”

Emhoff, like many other Def Con attendees, was outraged by the casino hotel’s apparent lack of understanding of the tools a cybercriminal would use.

“That doesn’t make much sense,” he said. “They say they’re looking for hacking tools or something. But what does it look like? It could look like anything. It could be my computer, you know. And like I said, I don’t think they would know what they were looking for. Even if they saw something, I don’t think they would know it.”

Contact David Danzis at [email protected]. Follow @AC_Danzis on X.