Social engineering attack identified as cause of data breach in August as per Caesars Entertainment's statement
Casino Giants Hit by Ransomware Attacks: MGM Resorts and Caesars Entertainment
In a series of cyberattacks that have shaken the casino industry, MGM Resorts and Caesars Entertainment have fallen victim to ransomware attacks. The attacks, which occurred around the same time in September 2023, have resulted in significant operational disruptions and financial losses.
According to a report released by SecureWorks, the median dwell time for ransomware incidents has dropped significantly, from 4.5 days to less than a day within the past 12 months. This trend is evident in the attacks on MGM Resorts and Caesars Entertainment, as ransomware groups are charging lower ransoms due to the reduced dwell time.
The MGM Resorts cyberattack occurred on or about September 9-11, 2023. Hacking group Scattered Spider, using social engineering, gained unauthorized access by posing as employees and manipulating help desk staff. The attack disabled many public-facing systems, including ATMs and remote room keys, causing large operational disruption and financial losses—over $100 million in lost profits were reported later. MGM disclosed the breach publicly in an SEC Form 8-K on September 12, 2023.
Caesars Entertainment confirmed a data breach of its customer rewards program in a filing with the Maine attorney general's office. The breach was discovered by Caesars on Sept. 7. The data breach occurred after a social-engineering attack on an outsourced IT support vendor on Aug. 18, leading to unauthorized access on Aug. 23. Caesars paid millions of dollars to the Scattered Spider threat group after the hack.
The Caesars Entertainment data breach timeline raises questions about the length of time hackers were inside the company systems before being discovered or made known to the company. The customer loyalty database included Social Security numbers and drivers license numbers for members, affecting 41,397 Maine residents.
Ransomware groups have developed the ability to access and encrypt data more quickly, making it more difficult to detect their activities. They are also becoming more adept at masking their activities, as seen in the voice-phishing technique used by Scattered Spider to trick IT support or call center workers into bypassing multifactor authentication.
Multiple class action lawsuits have been filed against MGM Resorts and Caesars Entertainment by customers claiming negligence and unjust enrichment. The SecureWorks report does not provide specific details about the MGM Resorts cyberattack mentioned earlier in the article.
The SecureWorks report indicates that ransomware actors are trying to minimize their dwell time within systems to reduce the chances of detection and the amount of damage they can cause. This trend is evident in the quick response times of both MGM Resorts and Caesars Entertainment, which disclosed the breaches publicly shortly after they occurred.
The comparison between the two attacks reveals some similarities, such as the use of social engineering as the primary vector and the involvement of the same group, Scattered Spider. However, the type of data stolen and the publicized operational impacts differed between the two companies.
In summary, the ransomware attacks on MGM Resorts and Caesars Entertainment underscore the importance of comprehensive cybersecurity defenses, particularly in addressing the weakness of human factors. The involvement of the same group, Scattered Spider, indicates targeted and sophisticated hacking efforts against major casino operators.
- The ransomware attacks on MGM Resorts and Caesars Entertainment, both instances of cybercrime, have highlighted the necessity for robust cybersecurity measures, especially in addressing human factors weakness.
- The attacks on MGM Resorts and Caesars Entertainment involved the use of social engineering, a common method in phishing activities, which highlights the need for heightened cybersecurity in the technology-driven business sector.
- In the general-news and crime-and-justice landscape, ransomware groups are increasingly adept at masking their activities and accessing data more speedily, as demonstrated by the voice-phishing technique used by Scattered Spider in these incidents.
- The data breach at Caesars Entertainment resulted in the theft of sensitive information such as Social Security numbers and drivers' license numbers, emphasizing the critical importance of data privacy in the digital era.
- As a consequence of these attacks, both MGM Resorts and Caesars Entertainment have faced lawsuits from customers for alleged negligence and unjust enrichment, leading to financial implications within the finance and business world.
