Services at MGM Resorts restored following ransomware attack
Services at hotels and casinos owned by MGM Resorts International Inc. have been at least mostly restored following a ransomware attack that crippled services provided by the company last week.
The cyberattack was first detected on Sept. 10 and affected systems, including websites, online reservations, ATMs, credit card machines and MGM Resorts across the U.S. In Las Vegas, it was reported that the attack also affected slot machines and room key systems.
To this point, MGM has still not formally disclosed the form of what the company still described as a “cybersecurity issue.” But a report on Sept. 13 linked the attack to the ALPHV/BlackCat ransomware group. VX-Unground, a malware research group, claimed on X (formerly Twitter) that the ransomware group compromised the company by calling the MGM Resorts helpline and undertaking a 10-minute conversation.
Other reports have since linked the attack to a group going by the name of “Scatter Spider,” the same group that was linked to a similar attack on casino operator Caesars Entertainment Inc. earlier this month. According to a report on Sept. 14, Scatter Spider, also known as UNC3944, is an affiliate of ALPHV/BlackCat.
Ransomware affiliates collaborate with ransomware creators, in this case, ALPHV/BlackCat, by deploying the ransomware within victim networks and are sometimes responsible for specific tasks like data theft or extortion based on their expertise.
In a statement on X on Sept. 20, MGM Resorts said services in its hotel and casinos are now operating normally — though one reporter said she still couldn’t book a room there.
— MGM Resorts (@MGMResortsIntl) September 20, 2023
The attack on MGM Resorts has drawn widespread attention to the problem of ransomware attacks and the need to enhance cybersecurity measures.
“The recent cyberattack on MGM Resorts International unveiled the significant deficiencies in the company’s cyber infrastructure and training, paralyzing key sectors of the business,” Lisa Plaggemier, executive director at the non-profit security awareness and educational organization National Cybersecurity Alliance, told SiliconANGLE. “This incident starkly emphasizes the pressing need for robust investment in cyber infrastructure, including regular security audits and thorough employee training programs, to fortify defenses and effectively combat future cyberthreats. Without such measures, the risk of extensive downtime and financial losses remains a looming threat.”
Photo: Zereshk/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.