MGM Resorts finds itself dealing with the ramifications of a relentless cyberattack. The aftermath has left a trail of disruption, financial woes, and a lingering sense of vulnerability from customers. The MGM cyberattack serves as a reminder the digital battlefield is rife with cybercrime, affecting not only MGM but also other industry behemoths like Caesars Entertainment. Lots of news coverage surrounds the matter, including a recent article from TechCrunch.
The MGM Outage
The saga began when MGM Resorts, known for iconic properties on the Las Vegas Strip, such as the Bellagio, Aria, and Cosmopolitan, was hit by a devastating cyberattack reported to be on the organization's Okta account. The fallout from this attack caused widespread disruption across the company's hotels and casinos. Guests were met with a litany of inconveniences, from non-functional ATMs and slot machines to room entry problems and electronic payment systems failing. A logistical nightmare extending over several days has painted a bleak picture for MGM and its patrons...and should be a warning to all organizations in every industry the importance of solid cybersecurity systems and incident response plans.
The Crisis Persists
Despite MGM's reassurances its resorts were "currently operational," the crisis shows no signs of abating. Social media has been lighting up with first-hand accounts and videos displaying and detailing continued disruptions, with queues forming at affected properties as staff uses old-fashioned pen and paper. Guests lamented the lack of TV service in hotel rooms and the unresponsive MGM phone lines, not to mention long manual payout times at slots and virtual machines taking anywhere from 20 minutes to an hour.
Scattered Spider Takes Credit
A representative for a notorious hacking group, Scattered Spider, recently claimed responsibility for the MGM cyberattack. This revelation first surfaced on vx-underground, a malware repository collective. Scattered Spider, reported to be a subgroup of the ALPHV ransomware gang, emerged as the prime suspect. ALPHV has since also claimed ownership of the attack directly. The extent of data exfiltration from MGM's systems remains unknown.
Caesars Entertainment Falls Victim
Caesars Entertainment has also encountered cybersecurity problems. Bloomberg reported Caesars fell victim to the hackers in late August, with the breach initially stemming from one of its external IT vendors. The price of silence was steep, with Caesars reportedly paying around half of the $30 million to prevent the disclosure of stolen data, primarily impacting its loyalty program database. This database contained sensitive private information, including driver's license numbers and Social Security numbers of a significant number of members.
Scattered Spider's Motivation
When questioned about their choice of targets, a Scattered Spider representative stated plainly, "If you have money, we want it." This lack of specificity suggests their targets are opportunistic, driven primarily by financial gain and center on sophisticated social engineering techniques. Scattered Spider is reported to recruit young adults and teenagers. Similar hacking groups have increased the same tactic, highlighting a concerning trend of minors entering the world of cybercrime.
Western Hackers on the Rise
Another alarming trend is the rise of Western hackers, dispelling the stereotype cybercriminals primarily originate from Russia or other foreign nations. Allison Nixon, Chief Research Officer at Unit 221B, highlighted minors play a considerable role in such groups, taking advantage of lenient legal environments.
The FBI's Involvement
While these cyberattacks have heightened cybersecurity awareness, the FBI remains tight-lipped about the incidents. Caesars submitted an 8-K filing but additional details remain elusive. Authorities have long advised against paying ransoms and that stance has not changed.
The Bottom Line
As the casino cyberattack sagas unfold, light is shed on the evolving landscape of cyber threats. Cybercrime syndicates and hacking groups continue to get bolder and find ways to exploit vulnerabilities. The importance of robust cybersecurity measures and enhanced education are paramount. With Western hackers emerging as formidable players in the cyber underworld, the battle to secure sensitive data and protect against future attacks has never been more critical. Regardless of the outcome beyond this point for both MGM and Caesars, these cyberattacks serve as concrete warning pillars the digital realm is a frontier fraught with peril, and vigilance remains a key component of our defense.
A full breakdown of major points and actions you can take from the 2024 VDBIR.
What makes PhishingBox a customer-first company?
What are the strengths, weaknesses, opportunities, and threats to a security awareness training program?
