Over the last few weeks, hackers have broken into IT systems at MGM Resorts International and Caesars Entertainment, two of the biggest casino conglomerates in the world.
The MGM hack was particularly impactful, according to the analysis of cybersecurity experts and information leaked by the hackers themselves. MGM runs more than 25 international hotel and casino locations, along with lucrative online sports betting operations. After the initial report of a cybersecurity incident on September 11, guests reported problems with everything from digital hotel room keys to slot machines to receipts for winnings. As usual, data protection specialists worried that stolen customer information could also be sold on the dark web.
A hacking organization called Scattered Spider claimed responsibility for both the MGM breach and a subsequent one at Caesars. The hackers deployed ransomware created by ALPHV, or BlackCat, a shadowy collective known for providing ransomware-as-a-service. Scattered Spider said that one of its hackers used “vishing,” or voice-based social engineering attacks conducted over the phone, to gain access to data. The data was then encrypted, and the hackers issued an extortion demand requiring a ransom payment for its return.
According to industry experts, Scattered Spider’s members are young and fluent in English, making their vishing attempts that much more convincing. In this case, it appears that hackers scraped social media for an employee’s information, and then impersonated them in a call to obtain credentials to access and infect the systems. Representatives claiming to be from Scattered Spider said this was their backup plan—the group initially wanted to break into MGM’s slot machines but were stymied by IT protections.
While MGM opted not to pay the hackers for the return of its stolen data, Caesars decided to pay millions of dollars in ransom. Caesars admitted to the breach and the payment in a required filing with the U.S. Securities and Exchange Commission. The filing claimed that the company was a victim of a “social engineering attack” that resulted in the theft of private information about members of its customer loyalty program.
Both companies reported significant impacts, however: MGM and Caesars lost market value as stock prices plummeted, and MGM said that some operations were still disrupted at hotels from Las Vegas to Macau.
Social engineering tactics, including phishing (attacks initiated via email), vishing (attacks initiated via phone), and smishing (attacks initiated via text), all target the weakest link in cybersecurity protection: human beings.
According to the federal Cybersecurity & Infrastructure Security Agency (CISA), more than 90 percent of all cyber incidents start with some form of phishing. IBM’s 2022 X-Force Threat Intelligence report also revealed that phone-based vishing attacks were three times more effective than email-based phishing attacks.
Stephanie Carruthers, a “chief people hacker” at IBM, tests cybersecurity systems to spot vulnerabilities—and says that vishing is actually easier for bad actors to deploy.
“With phishing, I have to set up infrastructure, I have to craft an email and do all these extra technical things,” Carruthers told Vox. “But with vishing … it’s picking up the phone and calling someone and asking for a password reset. It’s pretty simple.”
Another explanation for the rise in vishing attacks is the preponderance of publicly available information on social media. LinkedIn users often post email exchanges between colleagues or discuss sales success, allowing hackers to target high-value contacts and learn how they compose a message or kick off a phone call. Including a sense of urgency or authority can easily trick junior employees into responding quickly to communications they think are from more senior leaders.
We’ve spent more than 25 years protecting thousands of businesses across North America from all kinds of cyberattacks and digital incidents. We prioritize ransomware prevention while acknowledging it’s just one layer of critical security. We work with companies of all sizes in all industries, shielding systems, employees, and sensitive data from ongoing threats.
Ready to step up your ransomware protection? Concerned that the MGM breach could have affected you? Contact CMIT Solutions today for responsive help that can secure your business.
"Kindness: A Family Affair" is the theme for the 29th Annual Kindness Week for 2024