In a story that seemed ripped out straight from the pages of a movie, MGM Resorts, one of the most prominent casino chains in the world, recently found itself embroiled in a cyberattack. This story unfolded like a Hollywood script, revealing vulnerabilities in even the most secure online casinos.
Indeed, this incident was a much-needed reminder that in today’s highly digital age, even the grandeur of a well-established gambling brand like MGM cannot shield against the cunning of cyber criminals. In our digital age where modern lives are intricately tied into the fabric of the internet, vigilance cannot be overstated.
What we cover
Decoding the chaos of MGM’s cyberattack
The events all kicked off on September 11, when MGM sounded the alarm citing a cybersecurity issue that compelled the brand to shut down various systems. This ended up disrupting almost all operations from digital room keys to slot machines and even the websites of MGM’s many casino properties.
Some of the properties affected included Borgata Hotel Casino & Spa, which was unable to access the MGM Rewards system as a result of the incident. Other services that experienced sudden interactions include hotel reservations, as well as restraint bookings which ceased to function. It is worth noting that in a stroke of luck, MGM Casino and its sportsbook in New Jersey were not impacted by the cyber issue.
Similarly, the Borgata Hotel in New Jersey was also unaffected. As soon as the attack was evident, the Las Vegas-based casino firm stated various social media platforms noting that it had promptly started an investigation with the help of established cybersecurity experts. The casino property also reportedly worked hand in hand with the FBI.
As you can imagine, this attack on MGM Resorts left thousands of guests stranded in long queues and resort staff scrambling to do everything manually to salvage operational functionality. While MGM reassured the public through cryptic social media messages about resolving the problem, the enormity of the attack was immediately clear to the public.
In the end, a shadowy group recognized as Scattered Spider, well-known experts in social engineering were uncovered as the intruders. The technique used by the hackers is also commonly known as ‘vishing’ a term that combines 2 words, ‘voice’ and ‘phishing’. Typically, this process involves manipulating individuals over the phone.
In MGM’s scenario, Scattered Spider allegedly posed as a staff member, charming their way into MGM’s IT help desk to steal credentials they needed to actualize their plan. Armed with the stolen keys, the hackers easily managed to hack into the MGM system, wreaking havoc in the aftermath of the attack.
Fueling even more chaos was the use of ALPHV, a ransomware as a service operation known as BlackCat. This malicious software encrypted MGM’s data, holding it hostage and demanding a crypto ransom before the hackers could release it. While reports originally suggested a master plan to hack slot machines, the reality was a lot slyer.
Scattered Spider proudly claimed responsibility for the breach, confirming the theft, as well as the encryption of MGM’s data. Interestingly, ALPHV denied certain components of the attack, which further added a perplexing layer to the unfolding drama.
Amidst this drama, a silent menace emerged- vishing. More powerful compared to phishing, vishing preys on human psychology, manipulating trust and power. Scattered Spider’s success hinged on this technique, with the attackers relying heavily on employee information for impersonation.
Although this technique is certainly not new, it has increasingly been gaining traction in the world of cybercrime. Because vishing is characterized by using personal touch and other persuasive tactics, the method has proven highly effective, emphasizing the vital need for enhanced cybersecurity awareness, especially in the gambling sector.
In the aftermath of the cyber-attack, the resort operator faces challenges, as well as opportunities. The battle against the attackers has since been brought to the limelight, exposing vital vulnerabilities while reshaping the awareness of casino invulnerability.
MGM back online after the attack
After 10 grueling days of cyber warfare, MGM Resorts finally managed to restore functionality to its customer-facing electronic systems. The breach struck the brand’s properties in several locations including Bellagio, MGM Grand, and Aria. The effects of this attack are said to have been catastrophic.
The quoted estimates hinted at a massive daily loss of close to $8 million for MGM resorts with the total loss amounting to more than $80 million. Days before MGM’s systems were taken down, Caesars also underwent a similar experience.
In the case of Caesars, the hackers responsible for the attack contacted an external IT vendor as far back as August to eventually gain access to the operator’s systems. In the end, Caesars eventually had to part with a $15 million ransom to restore operations.
The attackers allegedly demanded a $30 million ransom. However, Caesars ultimately agreed to part with half the amount. It is reported that the group responsible for the attack also made a ransom demand to MGM.
These 2 are now marked incidents of highly disruptive cyberattacks in the history of the gaming industry and the incidences only occurred in a matter of weeks. Both Caesars and MGM reported the incidents in a U.S. Securities and Exchange Commission filing acknowledging the hack as a material event.
Over the last couple of years, several cyberattacks have made headlines including Las Vegas Sands Corp, which was attacked in 2014. The attack defaced the Sands’ websites and stole customer data. In 2017, several Australian casinos also suffered a major data violation 2017 when a hacker gained illicit access to the casino’s loyalty program database.
Final Thoughts
The MGM casino hack, much like a thrilling bestseller, uncovered the unnoticed enemy creeping around in the digital shadows. This attack was a stark reminder of the constant threat of cybercriminals. Ransomware attacks, which broadly define the techniques that Scattered Spider used to gain access to both Caesars and MGM reached new levels during the pandemic.