MGM Resorts Cyberattack Disrupts Operations on the Las Vegas Strip
MGM Resorts, the largest employer on the Las Vegas Strip, is facing a major cybersecurity incident that has left its hotel operations in disarray. The attack, which occurred on September 10, is suspected to be a ransomware attack, although experts have not yet confirmed the exact nature of the disruption. Reports and social media posts indicate that many MGM Resorts guests were locked out of their hotel rooms as the cyberattack interfered with key card systems. Slot machines on the casino floors were also down, causing further disruptions.
MGM Resorts issued a statement acknowledging the incident and stating that they have launched an investigation with the help of external cybersecurity experts. The company also alerted law enforcement and implemented measures to protect their systems and data, including shutting down certain systems. As a result of the attack, MGM Resorts’ websites were still offline, and customers were directed to make reservations by phone. The investigation is still ongoing in collaboration with law enforcement.
Ransomware Attack Likely
While the specifics of the attack are yet to be confirmed, experts believe that a ransomware attack is the most likely explanation. Callie Guenther, a cyber-threat researcher, and senior manager at Critical Start, stated that “the nature of the widespread outages and disruptions aligns most closely with a ransomware attack.” Other experts agree, noting that the casinos’ abundance of wealth and personal and financial data make them attractive targets for cybercriminals seeking financial gain.
Piyush Pandley, CEO at Pathlock, highlighted the targeting of the MGM Resorts awards program, which provides valuable customer data to threat actors. He also noted the wide span of control the attackers have gained, implying that a compromised user account in a core application or system may have allowed for lateral movement within the company’s interconnected systems.
Insider Threat Suspected
Some experts suggest that the breach may have resulted from an insider threat or a worm that spread widely. Zane Bond, head of product at Keeper Security, noted that past casino cyberattacks have often involved insider threats. With multiple casinos across different cities affected, the breach appears to be significant, highlighting the need for enhanced insider threat detection and prevention measures.
Ransom Payment Likely?
As MGM Resorts continues to grapple with the cyber incident, there are concerns that the company may decide to pay the ransom demand. Fergal Lyons, a cybersecurity evangelist with Centripetal, suggested that based on past industry performance, MGM Resorts might opt for paying the ransom if no other viable option is available. Ransomware attacks have become a lucrative industry for cybercriminals, who exploit vulnerabilities and take advantage of careless employees.
Security Teams Face the Challenge of Recovery
Recovering from the cyber incident is now in the hands of the MGM Resorts security teams. Joseph Carson, chief security scientist and advisory CISO at Delinea, expressed empathy for the teams, highlighting that they are currently experiencing the worst fears and nightmares faced by security professionals. Carson emphasized the importance of having a solid incident response plan and practicing and simulating such incidents to ensure preparedness.
As MGM Resorts strives to recover its systems and restore normal operations, the incident serves as a reminder of the ever-increasing threat of cyberattacks and the need for robust cybersecurity measures. Companies, especially those in industries like hospitality that handle vast amounts of customer data, must invest in comprehensive cybersecurity solutions and remain vigilant to protect both their systems and the privacy of their customers.
MGM Resorts’ ordeal is a wake-up call for the wider industry, pushing it to reassess and reinforce cybersecurity practices. The rapid advancement of technology has brought immense convenience and efficiency, but it has also created new vulnerabilities that cybercriminals exploit. It is crucial for organizations to not only react to cyberattacks but also take proactive steps to prevent and mitigate the risks associated with them. Cybersecurity should be a top priority for businesses in this digital age.
<< photo by ThisIsEngineering >>
The image is for illustrative purposes only and does not depict the actual situation.
You might want to read !
- Exploring the Implications of the Critical Google Chrome Zero-Day Bug Exploited in the Wild
- Adobe’s PDF Reader Faces Critical Zero-Day Exploitation
- Iranian Cyberspies Unleash New Backdoor: 34 Organizations Targeted
- MGM Resorts Faces Major Cybersecurity Breach: A Closer Look at the Fallout
- Israel’s Healthcare Cybersecurity Threat: Ransomware Attack at Hospital Raises Concerns
- The Growing Threat: Thousands of Code Packages Vulnerable to Repojacking Attacks
- Critical CodeMeter Vulnerability Shakes Siemens: A Deep Dive into the ICS Patch Tuesday
- Intel Capital: Investing in Zenity to Revolutionize Low-Code/No-Code Security
- The Rise of Underground Jailbreaking Forums: A Deep Dive into Dark Web Communities
