Hackers Attack Gaming Clubs In The US: What Happened?


In a world where cybersecurity threats loom large, even the most fortified establishments can fall victim to audacious cyberattacks.

Recently, the United States witnessed a brazen assault on its casino industry, with hackers targeting one of the most prominent players in the game – MGM Resorts.

This cyber siege left customers and experts questioning the level of security in place and raised concerns about the vulnerabilities of seemingly impregnable organizations.

The MGM Resorts Cybersecurity Debacle

MGM Resorts, a casino behemoth boasting over two dozen hotel and casino locations globally, was thrust into the spotlight when it reported a "cybersecurity issue" on September 11. In a bold move to safeguard its systems and data, MGM Resorts temporarily shut down various components of its operations.

This security measure, while well-intentioned, unleashed a cascade of issues, ranging from dysfunctional hotel room digital keys to out-of-service slot machines. Even the websites of MGM properties suffered downtime, leaving guests frustrated and inconvenienced. Customers queued for hours to check in, receiving manual room keys and handwritten receipts for casino winnings.

The Perpetrators Behind the Attack

As the chaos unfolded, attention shifted to the identity of the hackers responsible for this audacious breach. A group known as "Scattered Spider" emerged as the prime suspect, utilizing ransomware affiliated with ALPHV or BlackCat, a ransomware-as-a-service operation.

Scattered Spider specializes in social engineering tactics, where attackers manipulate victims by impersonating individuals or organizations with whom the victim has a relationship. What stood out, however, was their proficiency in "vishing," a method of gaining access through convincing phone calls.

The Scattered Spider hackers, reportedly in their late teens and early 20s and fluent in English, executed their attack by impersonating an MGM employee found on LinkedIn, successfully breaching MGM's IT help desk to obtain crucial credentials.

But how did teens manage to bring down the entire Las Vegas casino landscape? Through manipulation.

A representative claiming to be from Scattered Spider stated that they had stolen and encrypted MGM's data, demanding a cryptocurrency ransom for its release. Initially, the group had intended to hack MGM's slot machines but had to abandon this plan.

ALPHV/BlackCat, however, disputed some aspects of these reports, vehemently denying involvement by teenagers in the US and Europe or any attempt to tamper with slot machines.

The group's message on September 14 confirmed responsibility for the attack but criticized inaccuracies in reporting. Notably, MGM Resorts remained steadfast in its refusal to engage with the hackers or entertain the notion of paying a ransom.

So are other casinos and sportsbooks safe? For now, yes: you can bet on TwinSpires and on this Canadian website race book for horse racing events like the Breeders' Cup with total safety and encryption. However, be aware of any data breaches and make sure you keep yourself informed and protected.

A Wider Casino Cyberattack Trend

The attack on MGM Resorts was not an isolated incident. Around the same time, Caesars Entertainment also suffered a cyberattack, resulting in millions of dollars in payouts to hackers.

The attack on Caesars Entertainment bore similarities to the MGM breach, as it too involved a "social engineering attack" targeting an outsourced IT support vendor. Despite these parallels, the group claiming responsibility for the MGM attack distanced itself from the Caesars incident.

The Effectiveness of "Vishing"

The MGM Resorts cyberattack highlighted the effectiveness of "vishing" – a portmanteau of "voice" and "phishing." This social engineering technique exploits the weakest link in cybersecurity – human nature.

According to a 2022 IBM report, targeted phishing attacks that incorporate phone calls are three times more effective than those that don't. Phishing is also the second most common cause of data breaches, costing victims $4.91 million on average.

"Vishing" isn't a complicated hacking method where hackers use code to bypass security measures. Instead, it is a simple method that relies on an old-fashioned phone call and manipulation to trick individuals into sharing sensitive information.

How do they manage to get the sensitive data?

Through social media profiles, including LinkedIn, where employees of such organizations share a lot about their professional journey.

Experts point out that organizations tend to overlook "vishing" in their cybersecurity training, focusing primarily on phishing (emails). However, the MGM Resorts incident serves as a wake-up call, emphasizing the need to address this often-neglected avenue of attack.

How to Protect Your Information Online

Cyberattacks are more frequent nowadays, and the situation will get worse, especially with the rise of AI, so you need to take some measures to protect your online accounts.

  1. Secure Personal Information: Be cautious about sharing personal information and credentials, even seemingly innocuous details.
  2. Verify Identity: Always verify the identity of anyone requesting sensitive information or access.
  3. Use Unique Passwords: Employ distinct passwords for various accounts to minimize damage if one is compromised.
  4. Implement Multi-Factor Authentication: Enable multi-factor authentication to add an extra layer of protection.
  5. Don't Share Everything on Social Media: We know that it is fun to share your personal and professional journey on social media, but this can give hackers access to sensitive information that can later be used against you.

The MGM Resorts cyberattack serves as a stark reminder of the ever-present threat of cybercriminals and the importance of robust cybersecurity measures. As hackers adapt and refine their tactics, individuals and organizations must remain vigilant and prepared to defend against this evolving menace.
