Report: MGM’s Decision Not to Pay Ransomware Pays Off
Introduction
The recent ransomware attacks on MGM Resorts and Caesars Entertainment have brought the issue of dealing with cybercriminals to the forefront. While MGM chose not to engage or negotiate with the cybercriminals, Caesars decided to pay a $15 million ransom. Following these incidents, MGM has reported losses of around $100 million due to the breach. However, the impact on the company’s financials is expected to be minimal. This incident raises important questions about the role of deep pockets in making organizations targets for ransomware attacks.
The Fallout: MGM’s Response and Financial Impact
MGM’s response strategy to the ransomware attack was in stark contrast to Caesars Entertainment. While MGM struggled to regain operations for over a week, Caesars quickly resumed day-to-day operations after paying the ransom. In its revised SEC disclosure, MGM reported a $100 million loss as a result of the breach. This may seem significant, but considering MGM’s total revenue of nearly $4 billion in the second quarter alone, the impact on its financial condition and results of operations for the year is expected to be minimal.
The Gamble that Paid Off
MGM’s decision not to pay the ransom aligns with the recommended course of action from cybersecurity experts, government agencies, and law enforcement. Paying a ransom does not guarantee the return of an organization’s systems and data, and it only helps perpetuate the ransomware ecosystem. By standing firm and refusing to negotiate, MGM made a surprising business case for telling cybercriminals to “pound sand” following a ransomware attack.
Size Doesn’t Guarantee Immunity
While some may argue that large, financially resilient companies like MGM are unlikely targets for ransomware attacks, the reality is that no company is immune to hacking. The key lies in being resilient and prepared to withstand such attacks. MGM’s investment in backup and recovery may have played a crucial role in mitigating the impact of the breach. The company can now use this incident to identify weaknesses and further strengthen its cybersecurity practice.
Small vs. Large Organizations
This incident highlights the contrasting situations faced by small- and mid-sized businesses compared to larger corporations when it comes to ransomware attacks. For smaller organizations, a ransomware attack can be devastating and may even force them out of business entirely. Larger businesses, on the other hand, have the financial resources to absorb the costs associated with remediation.
Continual Investment in Cybersecurity
Instead of gambling on whether to pay a ransom after an attack has occurred, organizations should prioritize investing in cybersecurity technologies. Cyber threats are constantly evolving, and criminals are becoming increasingly sophisticated. Omri Weinberg, co-founder of DoControl, suggests that businesses need to strategically invest their resources and funds into their cybersecurity practice. While no company can guarantee complete immunity, continual investment in cybersecurity can enhance resilience and minimize the risks associated with such attacks.
Conclusion
MGM’s decision not to pay the ransom following the ransomware attack has paid off financially and also serves as an example for other organizations to focus on resiliency and business continuity. It is crucial for businesses, regardless of their size, to take cybersecurity seriously and continually invest in measures to protect their systems and data. By doing so, organizations can minimize the potential impact of cyber attacks and ensure their ability to recover swiftly. The threat of cybercrime is ever-present, making preparedness and resiliency essential in the face of this never-ending game.
<< photo by Dan Nelson >>
The image is for illustrative purposes only and does not depict the actual situation.
You might want to read !
- D.C. Voter Records Exposed: Online Sale Sparks Concerns of Cybercrime Threats
- RIT Leading the Way in Cybersecurity Education with Google’s Support
- Endpoint Malware Volumes Drop Amid Expanding Campaigns: WatchGuard Threat Lab Report
- The Rising Cost of Ransomware Attacks: MGM Resorts Loses $110 Million
- Ransomware Attacks Surge: FBI Sounds the Alarm on Dual Threats
- Rise in ‘Dual Ransomware Attacks’: A Looming Threat for Businesses
- The Power of Predictive Analysis: Minimizing Data Breach Risks Through Advanced Insights
- Nonprofit Service Provider Blackbaud Settles Data Breach Case with States for $49.5 Million
- The Increasing Importance of Cybersecurity Investments: Q3 2023 Funding Surges by 21%
- Johnson Controls: Battling Ransomware Attacks and Enhancing Cybersecurity Measures
- The Rise of Cybersecurity: Is a Future Without Breaches Possible?
- The Increasing Need for Secure IAM Practices: Insights from CISA and NSA
- Insurance Companies Under Siege: Unraveling the High Stakes of Cyberattacks
- Are Dutch Municipalities Falling Short in Addressing Security Vulnerabilities?
