MGM Resorts International and Caesars Entertainment, two major players in the casino industry, were recently hit by cyberattacks. The culprits behind these attacks are a group of hackers known as Scattered Spider or UNC3944. They managed to disrupt the operations at these casinos, including their websites, reservations systems, and certain slots machines.
The Aftermath of the Cyber Attack
After the attack, some of MGM Resorts’ computer systems remained offline. This includes the systems hotels use for reservations and payroll. Despite this, the company reassured its employees they would receive their salaries on time. The attack has affected the company’s 75,000 employees across the globe.
The group responsible for these attacks, Scattered Spider, consists of hackers primarily from the United States and the United Kingdom. Some of these hackers are as young as 19 years old. They have a history of targeting telecommunications and business process outsourcing companies. Their methods involve SIM swaps of phone numbers to launch phishing attacks, steal data, and demand ransom.
The Response of the Hackers
In response to these attacks, Scattered Spider claimed responsibility. They said they had taken six terabytes of data from MGM and Caesars’ systems. However, they have no intention of making this data public.
These attacks have raised concerns about the security measures in place at these casinos. Casino software, like NetEnt software used in Ice Casino, needs to ensure top-notch security to protect against such cyber attacks. This incident serves as a stark reminder to all businesses of the importance of investing in robust cybersecurity measures. While the FBI is currently investigating these attacks, it is clear that companies like MGM and Caesars need to take preventative measures to guard against future cyber threats.
It is essential that companies are aware of the potential risks posed by cyber attacks. As businesses become more digitalized, it is important to ensure their systems and networks are secure. Companies should regularly update software and security protocols across their networks to prevent such cyber-attacks. They should also invest in comprehensive cybersecurity training for their employees to help them recognize suspicious emailsand activities.
Finally, companies should consider investing in cyber insurance to help minimize the losses caused by such an attack. Cyber insurance helps to protect businesses against data breaches, cyber extortion, and other malicious activities.