Even the biggest players in the hospitality and entertainment industry aren’t safe from cyber threats. This week, MGM Resorts International, a major gaming company worth $14 billion, was attacked by a group called Scattered Spider hackers. At the same time, Caesars Entertainment faced a similar attack, highlighting the growing danger faced by these industry giants.
MGM Resorts Breached by Scattered Spider
MGM Resorts International, known for its luxury casinos and hotels worldwide, fell victim to a crippling cyber attack by the mysterious Scattered Spider hacking group. MGM’s systems were shut down for three days, causing a serious “cybersecurity issue.” Although the investigation is ongoing, it’s clear that these breaches have had a major impact. Social media posts showed malfunctioning slot machines and disruptions in Las Vegas, where MGM has a prominent presence.
Caesars Entertainment Pays Ransom
At the same time, Caesars Entertainment also faced a cyber attack. It was revealed that they too were targeted by the Scattered Spider group. Various reports claim they ended up paying a ransom to prevent sensitive data from being exposed. Both Caesars Entertainment and MGM saw their stock prices drop as a result of these attacks.
Who Are Scattered Spider?
Scattered Spider, also known as UNC3944, has become a significant threat. They use social engineering tactics to trick individuals into revealing login credentials and one-time-password codes, bypassing multi-factor authentication. Charles Carmakal, CTO at Alphabet Inc.’s Mandiant Intelligence, describes them as one of the most prevalent and aggressive threat actors impacting organizations in the United States today. They target a wide range of organizations, from telecom companies and business process outsourcing firms to critical infrastructure organizations.
Ransomware Strikes Casinos
It appears that casinos have become attractive targets for cybercriminals looking for financial gains. Allan Liska, an intelligence analyst at Recorded Future, notes that cybercriminals are drawn to casinos because of the potential for disruption and the likelihood of receiving substantial ransoms. This increased attention may lead to more attacks in the industry.
Moody’s Warning and Ongoing Investigations
Moody’s, the well-known rating agency, has expressed concerns about how these breaches might affect MGM’s credit rating. Meanwhile, the FBI is actively investigating the incidents. The seriousness of these attacks lies in their ability to disrupt operations and harm the reputation of these major players in the hospitality industry.
Scattered Spider’s Tactics
Scattered Spider’s use of social engineering tactics presents a significant challenge to organizations with strong security measures. Their hacking group is reported to include young members, setting them apart from the typical profile of cybercriminals. Allison Nixon, CRO at Unit 221B, points out that these hackers are not from Russia but from Western countries, often recruiting minors due to lenient legal consequences.
The Call to Avoid Paying Ransoms
Amidst this chaos, the FBI and cybersecurity experts emphasize the importance of not paying ransoms, sticking to the long-standing advice for victims of cyberattacks and extortion.
