Published in Canadian Journal of Criminology and Criminal Justice - Issue

45:2, 2003
To see more articles and book reviews from this and other journals visit
UTPJOURNALS online at UTPJOURNALS.com.

Technologies of Crime: The Cyber-Attacks on Electronic

Gambling Machines
John L. McMullan and David C. Perrier
Department of Sociology, Saint Marys University, Halifax, Nova Scotia

Les auteurs se penchent sur les technologies et les structures organisationnelles

de la criminalit informatique relie lindustrie des appareils de loterie vido
dans la province de Nouvelle-cosse. Ils axent leurs recherches sur les
techniques de dchiffrage des codes de protection, de reprage des programmes
dinitialisation, de la programmation fantme, et du tlchargement et du
transfert des programmes en tant que techniques rationnelles de neutralisation
du contrle social. Leur analyse porte galement sur lorganisation sociale des
cyberattaques. En guise de conclusion, les auteurs discutent de la porte
ventuelle de leur tude de cas dans le domaine de la criminalistique
informatique.
This paper examines the criminal technologies and criminal organization
associated with gambling-related computer crimes that occurred in the video
lottery terminal industry in the province of Nova Scotia. We emphasize the
techniques of VLT crime, such as cracking protection codes, boot tracing,
ghost programming and down-lining, as rationally geared to neutralizing
social control. We analyze how the cyber-attacks were socially organized and we
conclude by discussing the implications that our case study has for the field of
computer crime.
Introduction
Electronic gambling is a recent phenomenon in Canada (Azmier, Kelley, and
Todosichuk 2001; Campbell and Smith 1998; Marshall 1996a, 1996b, 1998;
Smith and Azmier 1997; Vaillancourt 1999). Statistics show that the gross wager
on provincial gambling is now over CAN$18 billion, the gross profit (i.e., the
amount left over after players prizes have been paid out but before expenses
have been covered) is approximately $9 billion, and the net revenue (i.e., the
amount left over after expenses and commissions have been paid out) is about
$5.5 billion. Indeed, gambling is now the leader in producing vice-tax revenues
for all provinces and falls just short of the $5.9 billion that Canadian provinces
gain from the sales of alcohol and tobacco combined (Azmier 2001: 34). The
main contributor to this growth has been electronic gambling (casinos and video
lottery terminals).1 By the year 2000, 69,789 electronic gambling machines (1
machine for every 329 Canadians) were generating approximately $1.8 billion in
net revenues for the provinces (an average tax of $78.15 per adult). Of these
gambling machines, 38,252 were video lottery terminals, of which 3,234 were
located in Nova Scotia (Azmier 2001: 8).

The proliferation of these new gambling technologies has certainly created an

exciting, popular recreational activity (Dickerson 1996; Eadington 1996;
Goodman 1995a, 1995b; McMillan 1996). But it has produced as well an
underground economy in the supply and demand of gambling machines and
innovative forms of gambling-related electronic fraud.2 In this paper we analyze
how one criminal group deployed hacking, cracking, and sleeper programs to
defraud video lottery (VL) machines by (1) disassembling computer codes and
predicting winning outcomes; (2) altering computer memory and storage devices
to increase profits for winning combinations; and (3) manipulating computer RAM
and ROM to disconnect terminals and exploit them without the knowledge of
industry regulators.
Our paper is organized as follows. First, we present our perspective on criminal
organization. Second, we discuss research sources and present our case-study
approach. Third, we provide a detailed examination of the cyber-attacks on
electronic gambling machines that occurred in the province of Nova Scotia from
1994 to 1998. We emphasize how computers were the principal tools in a series
of sophisticated fraud scams. Finally, we conclude our paper by comparing and
contrasting computer crime in the gambling industry with computer crime in other
financial services.
Criminal organization
Criminologists, sociologists, and legal scholars have often treated crime as an
individual deviation from group norms or laws. They typically wonder why some
people stray from the straight and narrow path. Some researchers emphasize the
study of individual traits and personality characteristics; others study the
individuals social position, subculture, relations with family and peer groups,
absence of self-control, group conflict, official labelling by police, courts, and
corrections, and so on. In effect, these approaches do not usually treat illegal or
criminal activities as subjects in themselves but rather pursue the question, How
do these activities determine individual behaviour?
In the approach adopted here, computer crimes are treated as activities that are
rationally geared to the conduct of the illegal behaviour in question. That is, the
main elements explaining VL crimes and their organization may be found within
the illegal activity itself and the problems confronted there. This explanatory
approach emphasizes that at a given stage of technological development, a given
illegal act presents certain technical and social problems that must be resolved for
its successful completion; that we can identify the most efficient types of
organizations for managing those problems; and that the existence of these kinds
of organizations are explained in terms of their technical efficiency in the situation
at hand (Best and Luckenbill 1982; Cressey 1972; McIntosh 1975).
Two works that deal systematically with variations in organization and that deploy
organizational ideas are Donald Cresseys Criminal Organization and Mary
McIntoshs The Organization of Crime.3 Cressey (1975) categorizes six varieties of
criminal organization by identifying key positions that involve increasingly
complex responsibilities as the organization becomes more rational. Thus, at the
top end, variety A is distinguished by having positions for commissioners who
meet to coordinate the illegal activities of a cartel of multiple sub-units, while at
the bottom end of the scale, variety F has only a task force guide in the
immediate act of committing a crime. Cressey accounts for different kinds of
criminal organization, such as those for extortion and long-term fraud, and for
specific criminal interventions, such as bank robberies, cheque-forgeries, and
automobile thefts. His theory assumes that the most developed form of rational

criminal organization can conduct any kind of profitable criminal activity and that
lower organizational forms may be subsystem parts of a more complex rational
structure.
McIntosh (1975) questions the evolutionary character of Cresseys theory and
suggests that the dynamics of organizational growth and change are more diffuse
and context-bound. While Cressey sees ignorance or short-sightedness on the
part of criminals, or ineffective law enforcement by the police and other
regulators, to be impediments to the evolution of rational criminal organization,
McIntosh insists that there is no progressive tendency towards rational
centralization. It is normal and routine for crime networks to be diverse and
specific because in different social contexts the problems confronted by criminal
groups, and therefore the appropriate organizational solutions will vary (17). She
identifies four varieties of criminal organization: picaresque, craft, project, and
business.
Each of these is a type of organization for groups of criminals engaged in a
specific range of criminal activities in a specific type of society. For her, the
business organization, typical of racketeers who supply illegal goods and services
and who have gained some degree of immunity from legal control, is the largest
in scale and the most permanent and advanced in her typology. A business
organization is composed of a hierarchy of agents who engage in relatively
specialized activities and who are either paid by their superiors or offered a share
of the profits in a particular market sector. Business criminal organizations,
however, are more difficult to delineate than other criminal types. The division of
labour is the most complex, and business organizations need both to neutralize
state control through systems of corruption and acquire legitimacy by engaging in
legal business ventures, such as transportation, currency exchange, real estate,
food and beverage, entertainment, and the like (McIntosh 1975: 5058). The
boundaries of the organization are, therefore, often in flux, and methods such as
loyalties to criminal norms, violence, control over law-enforcement regimes, and
efficacious and profitable racket management are central in controlling
competitors, subordinates, and customers. As McIntosh puts it, a criminal
business organization depends, in a way that no other organizational system
does, on relationships with non-criminal sections of the society that are built up
interactively over time (58).
Cresseys and McIntoshs approaches share the same logic as ours: treating the
rationality of an organizational form as an explanation for its existence. Many
criminologists see social control as a reaction to deviance. They are chiefly
concerned to explain why people become deviant or else to investigate the
effectiveness of social control institutions. From our perspective, deviance does
not exist without social control, nor crime without law. Because we are concerned
with the pattern of relationships among individuals and not with individual
conduct per se, we deploy organizational concepts that can be combined and
recombined to explore the internal organization of computer-fraud teams in terms
of their criminal technologies and their division of labour, as these relate to the
legitimate gambling market milieu.
In attempting to analyze cyber-attacks on electronic gambling machines we ask,
What types of technical problems had to be overcome and solved for a successful
criminal outcome? What criminal division of labour was needed to accomplish the
illegal activity and how did it handle problems of opportunity, access and work
safety, property protection, site surveillance and detection, and relations with site
owners, other customers, and victims? and What do our findings contribute to the
study of computer crime?

Research sources and case study

This paper does not claim to provide a comprehensive analysis of computerrelated gambling crime. Rather it examines one specific case study. We adopt
Orum, Feagin, and Sjobergs (1991) definition of a case study as an in-depth,
multifaceted investigation using qualitative research methods of a single social
phenomenon (2). Our objective was to study the hows and whys of these cyberattacks, by documenting a continuous picture of the social techniques of
computer crime and its social organization over time that included the subjects
own descriptions of their experiences and their relations with others (Denzin
1970; Orum, Feagin, and Sjoberg).
Our case study pieces together a complex picture of computer hacking and
ghost programming for illegal gains. It documents the size of the criminal
group, its division of labour, the economic value of the cyber-attacks, and the
criminal organizations modus vivendi with the gambling industry. Compared to a
quantitative method that describes behaviour in statistical terms, our approach
emphasizes the social dynamics and organizational rationality surrounding this
form of computer crime. Our research adds to a growing body of literature that
documents similarities in criminal technologies for other types of fraud: bank
fraud, welfare fraud, credit card fraud, insurance fraud, retail fraud, and so on
(Rosoff, Pontell, and Tillman 2002).
The case of VL fraud came to our attention through people in the security branch
of the Atlantic Lottery Corporation (ALC) when we interviewed them in 1999 for a
research project on the social impacts of gambling. They informed us about a
series of cyber-attacks on electronic gambling machines in Nova Scotia and the
damage that these attacks had done to both their security system and the
manufacturers hardware and software. One officer explained:
We had to hire a specialist to come in ... to understand how this individual
hacked into our machines. ... My interest in the case was very specific,
rather callous. ... If I could convince this fellow, with the cooperation of
the RCMP, that we should have a little chat and find out what is
transpiring, well then at least we know what he knows and we can put
something in place to prevent it later.
The upshot of this approach was that law enforcement agencies made a deal
with the two offenders who were apprehended. In exchange for a lenient penalty,
the offenders agreed to provide detailed information about their organization and
modus operandi. They were interviewed over an extended period of time by both
the ALC and the RCMP. One offender, in particular, provided simulated
demonstrations of their criminal techniques and detailed accounts of their social
organization. These exposs were recorded and videotaped and resulted in the
accumulation of over 100 pages of archived data.
In September of 2001 we entered into a series of discussions with the ALC to
obtain access to the written texts and the videotaped materials. In December of
2001 we obtained permission to take notes from these materials, provided that
we did so under their supervision and published our results without attribution. In
January of 2002 we reviewed all of the written materials in the relevant files. Our
paper is based on this rich archival source. We extracted information from the
technical test documents, the investigative reports, and the testimonial accounts
of the offenders and clustered them according to specific questions and themes.
Gaps in the archived information were supplemented by seven interviews with
members of the sales, security, and enforcement and technical departments of

the ALC and members of the RCMP who were involved in the criminal
investigation.
The cyber-attacks on electronic gambling machines
Computer crime has been defined broadly as any purposeful act associated with
computers where someone suffers a loss and another makes a gain. More
formally, it has been defined as the destruction, theft, or unauthorized or illegal
use, modification, or copying of information, programs, services, equipment, or
communication networks (Perry, as cited in Rosoff, Pontell, and Tillman 2002:
417). The Canadian Criminal Code defines computer crime under section 342(1):
every one who, fraudulently and without colour of right (a) obtains directly
or indirectly, any computer service, (b) by means of an electro-magnetic,
acoustic, mechanical or other device, intercepts or causes to be
intercepted, directly or indirectly, any function of a computer system, or
(c) uses or causes to be used, directly or indirectly, a computer system
with intent to commit an offence under paragraph (a) or (b) or an offence
under section 430 (mischief in relation to data) in relation to data or a
computer system is guilty of an indictable offence ... or an offence
punishable on summary conviction. (pt. IX, s. 342.1)
Using these definitional guidelines, computer crime can be usefully classified as
follows: (1) financial theft, (2) computer hacking, (3) electronic embezzlement,
(4) malicious sabotage, (5) espionage, and (6) phone phreaking. These
categories, however, are not mutually exclusive. Many sophisticated
embezzlements and financial crimes, for example, rely heavily on skilled
computer-hacking techniques as well as on computer espionage (Rosoff, Pontell,
and Tillman 2002).
Our case study is an example of computer fraud that combines categories (1) and
(2). Typically, these types of fraud and theft are committed by people from
outside a victimized organization and are similar to financial crimes committed
against banks, credit card companies, telemarketers, software producers, and
government agencies that result in millions of dollars of losses (Rosoff, Pontell,
and Tillman 2002). These illegal acts usually involve an intelligent computer
programmer who has the ability to access source codes or accounts, falsify
records or transactions, copy confidential information, bypass security
safeguards, and enter fraudulent data or sleeper programs into computerized
systems to steal money from legitimate sources.
Thefts and frauds involving electronic gambling machines have also deployed
ghost programs, near miss programs, and source-code thefts to manipulate
gambling machines to pay out on an arranged, predictable basis (Aronovitz 1997;
Rychlak 1989). Players were often the victims, although operators were
sometimes scammed by serious thieves. Most of these practices required
advanced planning, extensive information gathering, routine surveillance, and copartners working in the gambling industry (for similar analysis of other types of
rackets see Chambliss 1978; Einstadter 1969; McIntosh 1975; Skolnick 1980;
Rosecrance 1985, 1988, 1990; Ross 1987). In our case study, stealing computer
source codes was not possible. Gambling machines software and hardware
instead had to be disassembled and this necessitated especially advanced criminal
technologies and a criminal organization capable of executing frequent fraudulent
acts.

Before discussing the cyber-attacks on VL machines, it is necessary to provide

some information about them. Video gambling terminals are run by complex
computer logic boards and not by inner governing and timing mechanisms, as
was the case with earlier gambling devices (Skolnick 1980). VL machines contain
a number of reel strips, each of which consists of the games symbols, combined
in a pre-defined order that operates according to pseudo-random number
generators (RNGs) (Aronovitz 1997). These are mathematical algorithms that use
numerical inputs (seed X) to produce numerical outputs (seed XL + 1). The
results are then fed into the algorithm to produce the next result and so on. The
action of feeding a seed into the RNG to produce an output is called an iteration
or cycle of the RNG. These algorithms are used to produce a sequence of
numbers, which when considered as a set of numbers, display random
characteristics. Given a particular input seed (X), it is possible to ascertain the
next output number in the sequence by using the formula. Conversely, if the
output seed (Xi + L) is known and the formula is known it is possible to
determine the input seed (X) (Aronovitz 1997).
Cracking protection codes
The first criminal technology required an extensive knowledge of microprocessors,
micro-controllers, hardware, mathematics, and computer programming and
programming languages. According to one technical expert who interviewed the
offenders, their knowledge was equivalent to that of a highly experienced
electrical/computer systems engineer ... with five years of experience in the
relevant area. This knowledge was acquired through trial and error experiments
on the manufacturers software and hardware. One security officer described the
gang leader as follows:
He is very knowledgeable with communications. ... He also has the
capability of downloading, reverse engineering and going right to the basic
language and reading it. He can read computer language like you can sit
down and read a text book, newspaper, whatever and he does it right off
the screen.
In the case of the VL devices that were defrauded (Swinging Bells), the reel strip
for each reel consisted of 24 symbols or stops. A reel stop is derived from the
RNG formula output. However, the number from the RNG output is always far
greater than the maximum 24 reel stops, because new seeds are incremental. For
payouts to occur, however, the machine reduces outputs to a value between the
lowest and highest reel stop number (i.e., 1 and 24). This scaling down process
means that many outputs (seeds) are ordered to map to similar reel stop values,
without biasing any reel stop to occur more frequently than others. That is, one
reel stop number is not favoured over another, and the terminal output is thus
rendered unpredictable. In addition, cycling the RNG before and during games is
designed to scramble game outputs, so that the next output number cannot be
known in advance.
The fraud team was able to exploit the deterministic qualities of RNGs and the
poor design and implementation of the output process in the computerized VL
machines. Their technique was based on observing screen outcomes in order to
predict and produce profitable payouts. Their first tool was a computer program
that simulated the RNG algorithm of the gaming machine. Over a five-year
period, one member developed an extensive database of over 20 gigabytes of
information that listed all of the gaming combinations that had the 24th reel stop
on the first two reels and the corresponding RNG seeds that generated the
respective screens.4 Their second tool was a number of computer programs that

searched for the machines payout combination in the random numbered

sequence. These programs were devised to uncover the number of RNG iterations
and the number of games required to call up the payout combination on VL
machines. Their tactics were as follows: first, games would be played on VL
machines at a particular operators site until the 24th reel stop on both the first
and second reel was observed by a team member; second, with this information
in their possession, another person would search the simulated illegal database.
This person, usually located in a nearby truck or room, would seek and find the
possible RNG seeds that produced the same screen image visible on the VL
machine at the operators site; third, the same person would iterate the RNG
simulator in their possession and compare the screen output from their simulator
to the screen output of the next game on the VL terminal, thereby locating the
correct seeds used in the formula on the VL machine; fourth, using another
computer program which solves mathematical equation problems quickly, they
would then search the sequence of the RNG seeds on their simulator and the
corresponding screens that the seeds produced to determine the number of
iterations required to generate precise combination payouts; finally, in concert
with other team members, they would deploy a minimum betting strategy on a
targeted machine until a few games before the payout game, where upon they
would maximize their bet to take advantage of the fever mode feature, which
awarded them continuous payouts and higher than average returns. One law
enforcement officer described their modus operandi:
Three subjects would travel to a business with VLTs. First person would
stay in the vehicle with a lap top computer, radio equipment, etc. ...
Second and third subjects would enter the business. The player would be
outfitted with a video camera, communication equipment, an ear piece,
and a power source. This person would focus the camera on a terminal
screen and relay the playing/spinning of the screen to the operator in the
vehicle, enabling the computer guru to determine where the screen was in
the random mode. From here the person with the computer, using highspeed equipment, could tell how far away the terminal was from paying
out. When the device was close to paying out, the person inside the
business would be told to increase the bet from 5 credits to 50 credits.
The process of cycling in gaming computers also had to be overcome by the
criminal team. Changes made to the chip technology in the mid-1990s
incorporated a security form of cycling during the VL machines idle mode.
However, the protection afforded by this improvement was easily breached. The
RNG algorithm was not changed in the new chips that were inserted into the VL
machines. So with trial and error experiments, the criminal group determined
that the rate of cycling in a VL machine was actually constant and predictable.
Using their simulator, they determined how many cycles occurred minute by
minute. Furthermore, they discovered another flaw in the terminal software: once
the bet button was held down, the software waited for its release and went into
idle mode. This meant that the fraud team could identify a screen, freeze it, and
calculate the rate of cycling by minute. They no longer needed to play as many
games on VL terminals to synchronize the RNG on the VL machines to predict
their payouts. The VL terminal could now be left to cycle in idle mode, with one
member timing the number of iterations per minute. Then at a number of cycles
(for example 50) prior to the payout combination, the bet button would be
alternately pressed and released to reveal a screen output, thus interrupting and
releasing RNG cycling. This screen output was quickly matched on the crime
groups simulation program and allowed for ever more precise calculations so that
cyber-attacks could be carried out more quickly and efficiently, with less
monetary outlay up front. As one security officer put it:

When the machine was changed ... there was still a flaw in it; what he was
able to do was save his nickel a plate because he knew that the thing
[machine] would iterate so many times in a minute. So all he had to do
was let it go wild for 17 minutes and he knew it moved ahead 3,000
games. Then he stopped it, then he would up his bet to $2.50, and so we
made it faster for him by improving it [machine] and made it cheaper for
him by improving it [machine].
Boot tracing and ghost programming
The second type of criminal technology required an advanced knowledge of the
logic area of the machines, as well as an ability to access them. When the bonus
prize reached a maximum value, that value was displayed on the game screen
and then awarded to the player. Although the master meters of the machine were
stored in critical memory, regularly copied in different physical random access
memories (RAMs), and made available to the regulator (ALC), the bonus meter
feature of the terminal was not part of critical memory. Consequently, RAM
storage was isolated in a single location in the VL machine and not regularly
validated. One general strategy attacked this bonus prize feature. Members of the
criminal group accessed and removed the machines back-up memory boards
from the main logic boards. This allowed them to observe the contents of RAM by
using a commercially available reader program, not unlike a machine code
monitor, which is used by crackers to pirate copy-protection codes on the
Internet, an operation known as boot tracing (Rosoff, Pontell, and Tillman 2002).
The crime group then located the bonus meter in RAM, inserted new instructions
that modified a back-up RAM board, which then manipulated the contents of the
bonus-meter memory logic to a score just below the bonus-meter maximum. At a
critical point, the modified RAM was reinstalled and the bonus-meter feature was
immediately triggered. The credit meter was then cashed out and returned to an
updated position. This fraud was accomplished successfully because (1) the
manufacturers hardware could be altered without their knowledge and detection;
(2) there was no internal check on the validity of the bonus-meter value and the
corrupt substitution of RAM; (3) the logic-access detection mechanisms were
easily disassembled and compromised; and (4) the event log registering evidence
of tampering in the machine could be erased without trace and the log pointer
stored in RAM could be re-set to a previous proper logic access. As one security
officer observed:
One of the individuals had a grade-12 education, maybe one year of
university ... and he is generally what we would call a hacker who had a
great deal of mobility. His family has been involved in the business for
some time, from the grey market to the legitimate market. And this
individual had access to the game chips. He was also very familiar with the
inside of the machine because one time he set up a similar system to what
we operate, on the reserves.
The second general strategy manipulated the payout schedule stored in the
EPROM5 of the machine to increase the payouts for a winning combination,
thereby raising the totals won and cashed out. This involved two distinct tactics.
First, the criminal team removed the EPROM from the terminal and scanned its
contents, using an EPROM programming device, to look for possible table
locations by searching for the sequence in the EPROM image. Then they copied
the contents of the EPROM and the contents of the relevant locations in the pay
table to a binary image, a process known as soft-lifting. Next, they increased the
monetary payout values found in these locations, modified the EPROM
accordingly, and experimented in their illegal computer software to reveal the

correct placement of the pay tables. Second, they undermined the EPROM
verification process. In many computer devices, internal checks on sums awarded
are computed over the entire contents of EPROM in order to prevent fraud.
However, in the case of these VL machines, check sums were reinitialized and
overwritten each time the terminals were powered on,6 thus allowing for
clandestine additional payouts. Changes to the ROM were undetected because the
check sum verification software did not register them. So the fraud team simply
determined the relevant memory locations for the pay tables, altered a copy of
the EPROM image, programmed a new image to a blank EPROM, and reinstalled
it. This meant that counterfeit values, when added to the EPROM pay tables, were
not easily discovered by either the manufacturer or the regulator.
Trap doors and down-lining
The third criminal technology involved placing a terminal in stand-alone mode,
without the knowledge of the regulator and its monitoring system. In effect, by
deploying micro-controller code and assembler programming language, the
criminal group made illegal terminals out of legal ones. First, they created a
custom-built board that manipulated the VL-computer back-up RAM. This custombuilt board consisted of a micro-controller with ROM storage, a serial port that
could be interfaced with a personal computer, and a connector for the VLcomputer back-up RAM board. Next, they either uploaded or downloaded the
contents of the VL-computer RAM to a personal computer, using this back-up
board. The micro-controller ROM on the back-up board was programmed to clear
RAM and modified to copy an image of an online, enrolled terminal to the RAM
before it was reinstalled in the VL terminal.7 This was not especially complicated,
as the gang had already outwitted the RAM protection system. In this instance,
however, the modified image was not a manipulation of the bonus meter; rather it
was a trap door technique, which deceived the enrolment system of the regulator
into believing that the VL machine was operating in playable, online mode, when
in fact it was in stand-alone mode.8 This was possible because upgraded copies of
EPROM images were easily obtained in the black market to overcome the latest
chip technology innovations. These images were installed in the regulators
terminals with relative ease, because the logic area locks supplied by
manufacturers were easy to access and because the monitoring system was
incapable of detecting network disconnections in real time.9
Criminal technologies, criminal organization, and computer crime
These criminal techniques suggest that this VL computer fraud was organized as a
series of crimes that were projects in themselves. Each involved separate
advanced planning and organization. Indeed, the illegal techniques were geared
to reducing the risk and uncertainty surrounding the criminal acts (McIntosh
1975). To start with, the criminal organization identified many of the strengths
and weaknesses of the computers electronic technology and calculated the risk
costs, before they even planned their deficit manipulations. As one investigator
put it, he had illegal and legal machines and equipment, this allowed him to
know or have expertise where the gambling industry was going in developing its
machines and games ... he had EPROMs which had new changes to them. These
hadnt even been introduced into Nova Scotia. The simulation methods used to
decode the RNG also reduced the dangers of recognition at the various fraud
sites. The speed of the crime increased progressively as the organization became
more experienced and effective in manipulating, copying, and altering software
and communicating with each other. One law enforcement officer observed,

They may play three or four games to get a sample to video back to the
mastermind sitting in the van. In the van his computer had more gigs to
get more (capacity to identify the pattern) ... this is how quick it was for
the scam to be conducted ... a matter of minutes. Once they picked the VL
machine they would stay there. If it took too much time to get where the
payouts would occur, they would change machines.
Similarly, the threat of being stopped or questioned by other players, customers,
and employees was neutralized by the skill of the criminal group in disguising
their communication devices (i.e., hidden cameras, video equipment, and twoway radios), in calibrating payouts and bonuses quickly, and in using multiple
lookouts, button pushers, and collectors to avoid suspicion. Detecting and
monitoring systems, which were designed to discover faults, corruptions,
substitutions, enrolments breakdowns, and unauthorized access to the machines,
were combatted by techniques that duped the manufacturers hardware and
software and tricked the regulators system into believing that its technology was
functional, when in fact it was being sabotaged. The risks of surveillance,
identification, apprehension, and prosecution were technically managed, so that
these project crimes could be committed repeatedly and relatively successfully for
a four-year period, without too much fear of corporate, regulatory, or police
discovery.
The core technologies, moreover, were embedded in a wider social organization,
which consisted of a network of 12 to 15 members, drawn from one small rural
community in northern Nova Scotia. They structured the financing costs,
monitored the flow of information, and conducted the crimes. The organization
included a technical expert, who planned the cyber-attacks; accomplices, who
cased machines, relayed information back and forth from the crime scenes to the
intelligence sites (usually located in strategically placed vans or in local hotel
rooms), executed the frauds, and collected the winnings; and lookouts, who
spotted for trouble. The boundaries of the criminal organization were not
especially rigid. Work relationships were routine but relatively informal and fluid.
Not all members were used in each and every fraud and the crime group did not
establish or monitor enduring employee relationships (Reuter 1985; Smith 1980).
Personal kinship relationships involving uncles, aunts, and cousins, however,
ensured trust, secrecy, and group integration that, in turn, protected the core
criminal technologies in the task environment from external scrutiny. No members
of the criminal family had previous criminal records and most of them were
unknown to the authorities in the gaming industry. No other computer frauds of
this nature were committed in the province at that time, so they were not in
competition with other crime groups.
The overall operation required little expenditure. Items such as laptop computers,
computer hardware and software, video equipment, and communication devices
were the major expenses. Betting capital, travel, and accommodation were
regular but minor costs. So the illegal enterprise did not tap economies of scale,
obtain external financing for their ventures, or advertise their services widely
(Reuter and Rubenstein 1982). The geographical scope of the crimes was
therefore local and was confined to rural communities in the central corridor of
Nova Scotia (an area of approximately 500 kms) and to the metropolitan Halifax
area. From October 1997 to June 1998 there were two to three known attacks a
week, which resulted in approximately ninety machines being defrauded. The
estimated take per machine was about $1,000, for a total take of $90,000. This
suggests that the grand total for four years of operation was approximately half a
million dollars.10 The distribution of illegal profits was egalitarian and the take was
divided evenly among all members who participated in specific cyber-attacks.

This criminal enterprise seems not to have been a group making money, in the
usual sense of accumulating, investing, and circulating capital. They restricted
their criminal practices to VL machines that typically had small progressive
payouts in the amount of $1,500. Nor did they deploy their criminal technologies
to defraud casino slot machines, where payouts were in the tens of thousands of
dollars. They preferred to take small winnings from easily available and widely
dispersed gambling sites, where they could fit in and return again. Members of
the fraud organization were not involved in either professional or other criminal
careers. One law enforcement officer observed, this was a group who got
together occasionally to commit these frauds just so they could say they did and
to get extra cash from the government. Most of their scams were for the purpose
of improving their lifestyles purchasing new clothes, expensive restaurant
meals, transportation, computer and communication equipment, and gifts for
family members and for the thrill of breaking into gambling computer systems.
As one law official quipped,
In his re-enactments he knew he could do some of the things he said he
could. The engineers believed he could do some of the things he said he
could. ... I think he was glad to be caught since he could demonstrate his
skills to the gaming personnel ... he was in his element and ... wanted to
demonstrate his proficiency to those attending the demonstration.
Not all the criminal technologies were practised equally. While the criminal group
displayed the capacity to attack the inner workings of gambling machines, they
restricted much of their known criminal conduct to external predictive techniques.
Nevertheless, their social organization required collusive arrangements with
legitimate business people who operated or owned legal gambling machines and
gambling sites (Haller 1990). Following Liddicks (1999) research on the numbers
gambling industry, which found that illegal gambling products were supplied by
both a criminal organization of numbers workers and a loose network of societal
players, like lawyers, police, and politicians, we found that the criminal group had
access to state-of-the-art legal gambling machines, illegal gaming devices, disc
identifiers and programs capable of compromising source codes, EPROMs, and
other computer components that could only be provided by legitimate
manufacturers or by licensed operators. As one law enforcement officer stated,
He had to be in collusion with the computer industry somewhere. ... He
was in the legal business for a time and he worked on machines before the
machines were legalized ... but no one could trace the EPROMs back to the
gaming industry but all who supplied him with legal equipment came
from outside the province. We could track back some equipment but it was
cumbersome. We know it came from outside the country.
These partnership arrangements were relatively easy to form, since some site
holders in the legitimate market were once operators in the illegal grey market.
When legalization occurred, they modified their machines to operate them around
a centralized, online, dial-up system.11 Swinging Bells was one machine that was
easily adjusted to meet the governments new registration and protection
standards. The motherboard on this machine was changed to include a refitted
dotted board over the original and a new Geneva processor chip. This allowed the
modified machine to be connected to a centralized, government enrolment
system. But as one technical consultant noted, this game was also ideally suited
for attack because it was less secure, and known by those working in the black
market. Technical knowledge, social friendship, and kinship ties forged over time
in the illegal market were the working nexus around which these cyber-attacks in

the legal market were practised routinely and successfully. One enforcement
officer noted,
Remember this person ... had inside information. ... I dont think a normal
person on the street, without the background, computer skills and desire
to defeat these devices could obtain the same result as this individual. ...
There is no individual I am aware of nationally or internationally that could
do what this individual did. ... Had this individual clammed up, no one
would know what he did or was capable of doing.
The criminal group also experimented with and perfected core technologies that
removed and re-engineered computer parts, reinstalled Trojan horses, and downlined gambling machines. These criminal techniques involved social arrangements
that required overt complicity or covert approval by venue operators or
employees. In some instances, machines were chosen in out-of-the-way places
that were difficult to observe by site holders and employees (i.e., in separate
rooms or corridors attached to bars or lounges). In other instances, a joint
venture between the criminal organization and a legitimate operator or an
employee was required to defraud both players and government of revenues. As
one technical investigator put it, the terminal [would] not be part of the daily
pull ... all profits [would] be directed to the on-site personnel. Arrangements to
accomplish this type of fraud included accessing the door detection system,
altering access records, creating connector arrangements between a VL machine
and a PC on site, overcoming terminal security measures, and exiting the site
without causing suspicion. As one security officer observed, If someone wants to
tamper with the machine, then it usually has to be collusion between an
employee and a site holder. ... If there is going to be financial gain, then it is the
site holder who has to reimburse to make everything look legitimate. While the
criminal group demonstrated these intrusive techniques on videotape for industry
and law enforcement officials, they were not practising them when they were
apprehended. Nor were their networks with legitimate site holders and their
employees uncovered, but such partnership arrangements likely existed. As one
criminal investigator put it, As far as we know, we do not think that they got into
any machines, but they were in the training phase. ... Remember one subject had
a family background in the gaming industry ... and spent time working in the
legal industry ... so who knows for sure ... ?
While there were collusive relationships between the criminal group and some
people working in the supply and software side of the gaming industry and some
site operators and their personnel, these relationships never formed into stable
dyadic alliances, with the primary purpose of furthering coordinated, collective
goals through illegal means (Albini 1971). Public and private officials were not
passively corrupted or recruited as agents peripheral to the criminal organization.
Nor did they assume the more dynamic role of managers or partners of the crime
group. The social organization of this VL fraud, then, was primarily a working
method for the pursuit of individual self-interest rather than for the development
of common goals. One law enforcement officer put it as follows: This wasnt an
organized group in the true criminal sense. ... I dont think they realized what
damage they could perpetrate, or if they did, they still only committed the frauds
when they wanted extra cash or to travel. Their crimes were conducted with
modest cash flows that, in turn, limited the growth potential of the organization.
The illegal enterprise did not accumulate capital or invest it in a manner that
increased criminal role specialization. So the criminal organization of this VL fraud
did not resemble an evolving, differentiated, integrated hierarchical pyramid but
rather a roadmap, with the lines that connected the various people and positions

going off in discrete, multiple, and in some instances, overlapping directions

(Cressey 1972).
Eventually the cyber-attacks were exposed and the criminal organization was
disbanded. The RNG fraud techniques were discovered by on-site retailers and
they notified the regulator. The ALC, in turn, initiated a criminal investigation, and
members of the crime group were identified.12 The RCMP then set up a
surveillance operation for two and a half months. Two offenders were arrested
and charged, under section 342.1(1)(b) of the Criminal Code of Canada, with
unauthorized use of a computer, computer programs, computer data, and
mechanical devices to defraud a video lottery terminal. Each received a
conditional discharge and one year probation. They were very cooperative,
insisted one investigator. One of the offenders told us not to touch his computer
otherwise we would have been locked out or lost the information. ... Had he
clammed up, I dont think we could have charged him since all the evidence
would have been gone.
The regulator recognized that their gambling machines and security systems had
been cracked wide open and compromised. They immediately launched a
technical review of all their machines standards and specifications.
This one guy was so good ... we could not bring in people from an
investigators point of view that had already had a vested interest in
approving the product that had been put out there. So we hired an
organization ... out of Australia ... and we had them do a re-evaluation of
the entire program and the chips.
This assessment resulted in security changes to the RNG, the EPROMs, the
motherboards, the background cycling system, the critical memory features, and
the logic area locks of the computers, as well as to the enrolment monitoring
system and the on-site inspection regime.
Gambling-related fraud and computer crime
These cyber-attacks on gambling machines demonstrate the validity of the first
rule of electronic crime: Any machine made by humans can be defeated. They
also raise questions about how our research fits with the general literature on
computer crime. To start with and as in other prominent fraud cases, the leader
of the cyber-attacks on VL machines was a youthful computer programmer who
understood the technical complexity of machines intimately and combined
hacking with theft. Like other computer criminals, he had little formal training and
learned his technical skills by trial and error, breaking into programs and VL
terminals for fun and pushing electronic buttons to see what the screens and
systems would reveal (Rosoff, Pontell, and Tillman 2002).
Second, the techniques used to defraud hundreds of gambling machines in Nova
Scotia were similar to the technologies used to embezzle or steal money and
information from insurance companies, credit card firms, telemarketers, mutual
funds, and government agencies. While some known computer criminal teams are
small in scale and are apprehended within days or weeks of their criminal acts,
this was not the case for the group we studied. The criminal group was not inept.
It was a medium-sized family business that had the capacity to evade, avoid, and
neutralize the law, by clever manipulations and deceptions, for a period of
approximately four years.

Third, like many known computer fraudsters and hackers, these cyber-criminals
were eventually detected, arrested, and convicted, because they made mistakes
in orchestrating their attacks. The size of their network, the deployment of
personnel, the use of communication devices and vehicles, and their maximum
betting strategies meant that the criminal organization was able to conduct
routine attacks on valuable and well-protected property but only for a limited
period of time (McIntosh 1975). They became a subject of suspicion when they
used one collector too frequently to cash in huge payouts, one type of vehicle too
often to run their intelligence operations from, and one type of communication
device (cell phones) too carelessly to interact with gang members inside VL
locations.
Fourth, computer frauds are sometimes associated with acts that steal millions
and even billions of dollars from private financial institutions and government
agencies: US$21 million from the Wells Fargo Bank in San Francisco, $70 million
from the First National Bank in Chicago, and $10.2 million from the Security
National Bank in California (Rosoff, Pontell, and Tillman 2002: 426). But many
computer frauds do not operate on this scale. Mativat and Tremblay (1997), for
example, suggest that counterfeit credit card frauds in Canada in the 1990s were
not world-class frauds; rather most were small takes, conducted repeatedly over
time. In our study, the fraud organization also was not motivated by the pursuit
of the big score. Rather than generating grand profits, their cyber-attacks
supported subsistence incomes and lifestyles for group and family members.
Nevertheless, the technical expert wore his mastery of skills like a badge of
honour, as is common with many cookbook hackers, who break into computer
systems for the challenge of it as much as for the economic gain (Rosoff, Pontell,
and Tillman).
Finally, crime, gambling, and computers have grown together and will continue to
do so. The spread of computer technologies and gambling profits has resulted in
numerous, costly money-laundering operations, lottery frauds, cheats-at-play
schemes, and embezzlements and thefts from gambling sites (Beare and
Schneider 1990; Beare 1996; Campbell 1996; Ross 1987; Smith 1990; Smith and
Wynne 1999). A typical illegal gambling machine in Canada now nets
approximately CAN$83,000 a year, and an illegal bookmaking operation yields a
profit of over $1 million in wagers a week, when betting volume is high. Some
cheats-at-play schemes are international and involve dozens of players,
scamming many casinos, for millions of dollars (Smith and Wynne, 1999: 5556).
These developments have contributed to new crime control measures, such as
high-resolution video surveillance, miniaturized listening devices, increased
private security, and advanced anti-fraud systems, with firewall software that
shields private information from hackers and thieves. But developments in new
surveillance technologies and new hardware and software protection do not
necessarily mean the end of electronic gambling fraud. Rather, as McIntosh
(1995) notes, treating criminal organizations as rationally geared to handling the
technical problems of crime (73) which are the problems of negotiating social
control generally means that in all likelihood computer criminals will respond to
improved security technologies with more sophisticated criminal technologies.
This, in turn, adds to the dialectic of crime and crime control and continues a
never-ending cycle, where one computer group tries to outsmart another with the
latest keys, codes, tags, and seals. One law enforcement official speculated about
the control of future cyber-attacks in the gambling industry: I have been in law
enforcement for 20 years ... counterfeits, scams, thefts, and frauds get more
sophisticated as technical security features get more advanced.
Notes

1. Gross gambling profits in Canada increased by a factor of 3 (from $6 billion to

$18 billion) in the years from 1992 to 2000. According to Azmier 2001; Campbell
and Smith 1998; and Marshall 2001 most of this growth was accounted for by
increased slot machine gambling.
2. Crimes have ranged from small-scale electronic hustles to insider crimes
committed by operators, employees, and players, to well-organized conspiracies
involving many participants at multiple sites in transnational settings. The
interested reader may wish to consult the following research: Beare 1996; Black
1996; Campbell 1996; Chang 1996; Giacopassi and Stitt 1993; Grinols, Mustard,
and Dilley 1999; Hakim and Buck 1989; Henrikssen 1996; Kindt 1994; Liddick
1999; McMullan, Perrier, and MacDonald 2000; Nova Scotia Department of Health
1998; Reuter and Rubinstein 1982; Rosecrance 1990; Rosenthal and Lesieur
1996; Seelig and Seelig 1998; Shaffer, Hall, and Bilt 1997; Smith and Wynne
1999; Stokowski 1996a, 1996b; Thompson, Gazel, and Rickman 1996; Walker
1997; Walker and Dickerson 1996; Zendzian 1993.
3. See also the work of Best and Luckenbill 1982; Block and Chambliss 1981;
Cohen 1977; Reuter 1985 and Potter 1994; who have also developed interesting
theoretical ideas about criminal organizational rationality.
4. The search to locate the generating seeds was time consuming. Through a
process of trial and error, the perpetrators (using a 32-bit program) managed to
reduce the search time from 1.5 weeks to 8 hours to 20 seconds.
5. EPROMS are computer chips that store information in memory that regulates a
video gambling devices play, such as creating payouts to players, ensuring an
absolute game of chance for each new play, and monitoring the machines
electronic account record so that it corresponds to the governments record.
6. In the case of IGT terminals, the technical organization of the fraud required
more effort and thought, because IGT had developed additional security against
RAM and EPROM corruption. Check sums were stored in the EPROMs and also the
RAMs and so the verification implementation was recalculated and rechecked.
This meant that the criminal group had to disassemble a code through a process
of trial and error, before they could program a new image and reinstall it.
7. This technique is akin to Gaffing or Phantom Programming, where operators
install hidden programs into a gambling machine to change the regulated payout
specifications of fair play at the expense of players.
8. Again in the case of IGT terminals, the fraud techniques were more
complicated and involved reverse engineering the disassembled game image and
forcing a RAM corruption to disconnect the terminal from the system without ever
being detected. In the opinion of investigators, this criminal organization was a
step ahead of the manufacturers protection system and the governments
monitoring apparatus. They rated this type of fraud moderate to high risk.
9. The online system used by the regulator is a delayed polling system that
reactively responds to anomalies every 24 hours or longer.
10. These estimates are based on information supplied by the RCMP to the ALC.
Our estimate of a grand total is based on the assumption that the level of illegal
activity was consistent over a four-year period, following a one-year period of trial
and error.

11. There are a number of controlling, accounting, and collection systems: the
hard meter, the dial-up, and the online. The dial-up system revolves around one
central computer, which calls up each device at a specified time and records all
relevant information. The devices in gambling establishments are connected by
modem to a main computer and the main computer polls every VL machine once
every 24 hours. It is estimated by the ALC that approximately 12,000 grey
machines could not be connected to the dial-up system and these machines were
moved west to other Canadian provinces and to the northeastern United States.
12. Site holders determined the identity of fraud members by paying out winnings
by cheque. This resulted in the discovery of their addresses and the development
of extensive surveillance of their activities.
References
Albini, J.
1971 The American Mafia: Genesis of a Legend. New York: AppletonCentury
Crofts.
Aronovitz, C.
1997 To start, press the flashing button: The legalization of video gambling
devices. In W.R. Eadington and J.A. Cornelius (eds.), Gambling Public Policies and
the Social Sciences. Reno, NV: University of Nevada.
Azmier, J.
2001 Gambling in Canada 2001: An Overview. Calgary: Canada West Foundation.
Azmier, J., R. Kelley, and P. Todosichuk
2001 Triumph, tragedy or tradeoff? Considering the impact of gambling. Gambling
in Canada Research Report No. 14. Calgary: Canada West Foundation.
Beare, M.
1996 Criminal Conspiracies: Organized Crime in Canada. Scarborough, ON:
Nelson.
Beare, M. and S. Schneider
1990 Tracing of Illicit Funds: Money Laundering in Canada. Working paper,
Ministry of the Solicitor General of Canada.
Best, J. and D.F. Luckenbill
1982 Organizing Deviance. Englewood Cliffs, NJ: Prentice-Hall.
Black, E.
1996 Gambling mania: Lessons from the Manitoba experience. Canadian Public
Administration 39(1): 4961.
Block, A.A. and W. Chambliss
1981 Organizing Crime. Amsterdam: Elsevier.
Campbell, C.
1996 April Lottery Ticket Resales: A Canadian Law Enforcement Nightmare. Paper
presented at the National Conference on Problem Gambling, Crime and Gaming
Enforcement, Illinois State University, Normal, Illinois.

Campbell, C. and G. Smith

1998 Canadian gambling: Trends and public policy issues. Annals of the American
Academy of Political and Social Sciences 556 (March).
Chambliss, W.
1978 On the Take: From Petty Crooks to Presidents. Bloomington: Indiana
University Press.
Chang, S.
1996 Impact of casinos on crime: The case of Biloxi, Mississippi. Journal of
Criminal Justice 25(5): 431436.
Cohen, A.K.
1977 The concept of criminal organization. British Journal of Criminology, 17(2):
97111.
Criminal Code
1985 R.S.C., pt. IX, s. 342.1.
Cressey, D.
1972 Criminal Organization: Its Elementary Forms. London: Heinemann.
Denzin, N.K.
1970 The Research Act: A Theoretical Introduction to Sociological Methods.
Chicago: Aldine.
Dickerson, M.
1996 Why slots equals grind in any language: The cross cultural popularity of
the slot machine. In J. McMillan (ed.), Gambling Cultures. New York: Routledge.
Eadington, W.R.
1996 Ethical and policy considerations in the spread of commercial gambling. In J.
McMillan (ed.), Gambling Cultures. New York: Routledge.
Einstadter, W.J.
1969 The social organization of armed robbery. Social Problems 17(1): 6483.
Giacopassi, D. and B.G. Stitt
1993 Assessing the impact of casino gambling on crime in Mississippi. American
Journal of Criminal Justice 18(1): 117131.
Goodman, R.
1995a Legalized Gambling: Public Policy and Economic Development Issues.
Economic Development Review 13(4): 5557.
Goodman, R.
1995b The Luck Business: The Devastating Consequences and Broken Promises of
Americas Gambling Explosion. New York: Free Press.
Grinols, E., D. Mustard, and C. Dilley
1999 Casinos and Crime. Study prepared for the U.S. National Gambling Study
Commission, Washington, DC.
Hakim, S. and A.J. Buck
1989 Do casinos enhance crime? Journal of Criminal Justice 17: 409416.

Haller, M.H.
1990 Illegal enterprise: A theoretical and historical interpretation. Criminology
28: 207235.
Henrikssen, L.
1996 Hardly a quick fix: Casino gambling in Canada. Canadian Public Policy,
22(2): 116128.
Kindt, J.W.
1994 Increased crime and legalizing gambling operations: The impact on the
socio-economics of business and government. Criminal Law Bulletin 30: 538555.
Liddick, D.
1999 An Empirical, Theoretical and Historical Overview of Organized Crime. New
York: Edwin Mellen.
Marshall, K.
1996a Autumn A sure bet industry. In Perspectives. Ottawa: Statistics Canada.
(Catalogue no. 75001-XPE)
Marshall, K.
1996b July Games of chance. In Family Expenditure in Canada. Ottawa: Statistics
Canada. (Catalogue no. 62555-XPB)
Marshall, K.
1998 Winter The Gambling Industry: Raising the Stakes. In Perspectives. Ottawa:
Statistics Canada. (Catalogue no. 75001-XPE)
Marshall, K.
2001 Fact sheet on gambling. Perspectives on Labour and Income 13(2): 4751.
Mativat, F. and P. Tremblay
1997 Counterfeiting credit cards: Displacement effects, suitable offenders and
crime wave patterns. British Journal of Criminology 37(2): 165183.
McIntosh, M.
1975 The Organization of Crime. London: MacMillan.
McMillan, J.
1996 From glamour to grind: The globalization of casinos. In J. McMillan (ed.),
Gambling Cultures: Studies in History and Interpretation. London: Routledge.
McMullan, J.L., D.C. Perrier, and M. MacDonald
2000 Convenience gaming and social impacts in Nova Scotia. In Nova Scotia
Alcohol and Gaming Authority, Annual Gaming Report Appendices, Vol. 2.
Dartmouth, NS: Government of Nova Scotia. (Annual Report 199899)
Nova Scotia Department of Health, Drug Dependency Services
1998 Nova Scotia Video Lottery Players Survey 19971998. Halifax, NS: Author.
Orum, A., J. Feagin, and G. Sjoberg
1991 The nature of the case study. In J. Feagin, A. Orum, and G. Sjoberg (eds.),
A Case for the Case Study. Chapel Hill: University of North Carolina Press.

Potter, G.W.
1994 Criminal Organizations. Prospect Heights, IL: Waveland.
Reuter, P.
1985 The Organization of Illegal Markets: An Economic Analysis. Washington DC:
U.S. Government.
Reuter, P. and J. Rubinstein
1982 Illegal Gambling in New York: A Case Study of the Operation, Structure and
Operation of an Illegal Market. Washington, DC: U.S. Government.
Rosoff, S.M., H.N. Pontell, and R.H. Tillman
2002 Profit without Honor: White-Collar Crime and the Looting of America. Upper
Saddle River, NJ: Prentice-Hall.
Rosecrance, J.
1985 The Degenerates of Lake Tahoe. New York: Peter Lang.
Rosecrance, J.
1988 Gambling without Guilt: The Legitimation of an American Pastime. Pacific
Grove, CA: Brooks/Cole.
Rosecrance, J.
1990 The stooper: A professional thief in the Sutherland manner. In D.H. Kelly
(ed.), Criminal Behavior: Texts and Readings in Criminology. New York: St.
Martins.
Rosenthal, R. and H. Lesieur
1996 Pathological gambling and criminal behavior. In L. Schlesinger (ed.),
Explorations in Criminal Psychopathology. Springfield, IL: Charles C. Thomas.
Ross, G.
1987 Stung: The Incredible Obsession of Brian Molony. Toronto: Stoddart.
Rychalak, R.J.
1989 Video gambling devices. UCLA Law Review 37(1): 555593.
Skolnick, J.H.
1980 House of Cards: Legalization and Control of Casino Gambling. Boston: Little,
Brown.
Seelig, M.Y. and J.H. Seelig
1998 Place your bets! On gambling, government and society. Canadian Public
Policy 24(1): 91106.
Shaffer, H.J., M.N. Hall, and J.V. Bilt
1997 Estimating the prevalence of disordered gambling behavior in the United
States and Canada: A meta-analysis. Boston, MA: Harvard Medical School,
Division on Addictions.
Smith, D.C.
1980 Paragons, pariahs and pirates: A spectrum-based theory of enterprise.
Crime and Delinquency 26: 358386.

Smith, G.J.
1990 Pools, parlays, and point spreads: A sociological consideration of the
legalization of sports gambling. Sociology of Sport Journal 7(3): 271286.
Smivh, G.J. and J. Azmier
1997 Gambling and the Public Interest? Calgary, AB: Canada West Foundation.
Smith, G.J. and H. Wynne
1999 Gambling in Canada: Triumph, Tragedy or Tradeoff? Calgary, AB: Canada
West Foundation.
Stokowski, P.
1996a Riches and Regrets: Betting on Gambling in Two Colorado Mountain Towns.
Niwot, CO: University Press of Colorado.
Stokowski, P.
1996b Crime patterns and gaming development in rural Colorado. Journal of
Travel Research 34(3): 6369.
Thompson, W.N., R. Gazel, and D. Rickman
1996 Casinos and Crime in Wisconsin: Whats the Connection? Milwaukee, WI:
The Wisconsin Policy Research Institute.
Vaillancourt, F.
1999 February Government Gambling Revenues, 19851995/1996: Evidence
From Canada, Great Britain and Australia. Revised paper, presented at the 1998
Conference of the National Tax Association, Austin, Texas.
Walker, M.B.
1997 The impact of casinos in urban centers on problem gambling. In W.R.
Eadington and J.A. Cornelius (eds.), Gambling: Public Policies and the Social
Sciences. Reno, NV: Institute for the Study of Gambling and Commercial Gaming,
University of Nevada.
Walker, M.B. and M.G. Dickerson
1996 The prevalence of problem and pathological gambling: A critical analysis.
Journal of Gambling Studies 12(2): 233249.
Zendzian, C.A.
1993 Who Pays? Casino Gambling, Hidden Interest and Crime. New York: Harrow
and Heston.