Introduction
Have you heard about the attack on MGM Resorts International?
On September 11, 2023 the major casino and hotel operator was hit by a serious and consequential cyberattack — and it all started with a ten minutes phone call. The attack forced the company to shut down its computer systems, disrupting operations at its properties across the United States.
What Happened to MGM?
The hacking group known as Scattered Spider has claimed responsibility for the attack; they are known for using social engineering techniques to trick employees into granting the hackers access to large corporate networks. They operate underneath a well-known ransomware gang, ALPHV, who also go by Black Cat.
In the case of MGM, Scattered Spider simply went on LinkedIn and discovered somebody who worked in the company’s IT department as a legitimate employee. As for their mastermind plan? It was as simple as calling the MGM help desk and saying they had been locked out of their account, asking for re-access.
The attack had a significant impact on MGM’s operations. ATMs, slot machines, digital room keys and other digital payment systems all went offline during the attack. The company’s corporate email, restaurant reservation and hotel booking systems also remained dark. Keep in mind, MGM owns more than 30 international hotel, resort and gaming venues.
The damage is reportedly costing them between four and eight million each day they’re offline.
Conclusion
The cyberattack on MGM is a reminder of the growing threat of ransomware attacks. (Ransomware attacks involve stealing and encryption data, and then demanding a fee in exchange for the decryption key. They often commit”double extortion” by charging in return for their promise not to publish the data online.) Ransomware attacks have become increasingly common in recent years, and they have targeted a wide range of organizations, including businesses, governments and healthcare providers all around the world..
There are a number of things that organizations can do to protect themselves from ransomware attacks, including:
- Educating employees about social engineering attacks and how to avoid them.
- Implementing strong security measures, such as firewalls and intrusion detection systems.
- Regularly backing up data so that it can be restored if it is encrypted by ransomware.
- Study your incident response plan so you know what to do when you spot something suspicious. You don’t want to be in the middle of an emergency when you realize that you forget who to call!
The cyberattack on MGM is a serious incident, but it is important to remember that ransomware attacks are preventable. By taking steps to protect themselves, organizations can reduce their risk of falling victim to all kinds of cyberattacks.
References