Even Casinos Can Suffer A Cybersecurity Breach: The MGM Fiasco


Recent MGM breach demonstrates weaknesses in cybersecurity posture

When you think about cybersecurity, you imagine IT silos and safeguarding data. You consider it a field firmly in the realm of tech-centric businesses and remote working. But today, cybersecurity touches nearly every facet of life, and that includes casinos.

Casinos might be the last thing on your mind when you hear “cybersecurity dangers,” given that gambling and digital security seem about as far apart as two fields can be. But it can happen. In fact, it has happened.

MGM, a popular gambling and casino mogul, stumbled into some recent trouble with unresponsive websites and potentially compromised data following an attack by a ransomware gang. The ransomware gang, ALPHV / BlackCat, claimed responsibility for the breach. The attack flow was in line with a method common to these types of attacks: social engineering. Information obtained from an employee’s LinkedIn page was used to call the help desk in an effort to siphon more data.

While MGM indicated in a social media post that none of its standard entertainment services were affected, some online and website functions were taken down in response.

The distinction, however, is the online aspect. Two other MGM casinos were also impacted by the ransomware gang’s attack. The Grand Detroit Casino and Borgata Hotel discovered a loss of certain services following the breach events. The fallout of the attacks disabled online services and even halted online gaming services for players. In other scenarios, visitors could not use their digital room keys, access ATM services, or even buy food.

Ramifications of the attack

The fallout of the casino cybersecurity breach goes beyond stolen data and inaccessible services. Rather, it’s the established precedent IT, management, cybersecurity teams, and the general public should worry about. Once again, when you think about hacks, breaches, or cybersecurity attacks, you imagine business data, personal devices, or IT facilities.

But a casino is a different setup entirely, and it readily demonstrates hackers can intrude on a variety of networks, even entertainment-based ones. Anything with network-facing capabilities – which is a majority of modern-day services – is ripe for picking. More so, casinos like MGM and its brand are particularly valuable, given they’re in proximity to exceptionally valuable consumer data. No organization or enterprise is off limits to hackers, and the MGM casino breach is a testament to that. It’s also a demonstration of how versatile and effective ransomware gang methods are, once again relying on social engineering to begin their threat campaign.

The sad part is that some of this wasn’t preventable. It’s common for staff to have information on their LinkedIn, given it’s a common way for business professionals to get in touch. It’s also not unthinkable for someone to call a support desk and use mundane, commonly found information. But it’s exactly that data that is usable for phishing and social engineering attacks. Normally, an enterprise will use zero-trust policies or checks to verify the integrity of a request or message, but for the practical operation of a casino business, you can imagine the impracticality of it. Workers focused on their busy jobs are not likely to expect ransomware gangs to call and ask basic questions that aren’t discernible from normal-sounding inquiries.

The problems caused by the attack, however, cannot be ignored. If a ransomware gang can do it once, they’ll do it again unless proper defensive steps and protocols are taken. But for casino and entertainment organizations, it’s easier said than done. Even with the resources and capital to invest in cybersecurity resources, the problem isn’t solved by simply throwing money at the issue.

Rather, franchise owners, management, and cybersecurity teams must look into strengthening their cybersecurity posture by investing in the right resources and deploying the right strategies. But how does any enterprise, much less MGM, go about that?

Third-party assistance

Countering the social engineering and phishing problem is a question plaguing cybersecurity. It’s got no exact answer because every scenario is different. The MGM casino breach demonstrates what hackers can do and will do when in possession of even simple staff details. But amending that would require adjusting publicly available information, which runs counter to the nature of LinkedIn.

That doesn’t mean an enterprise can’t do anything. In scenarios like these, it’s important to assess threat-facing areas and limit information that ransomware gangs can potentially use. It’s also worth noting that, once again, hackers can paralyze services even in the entertainment sector. No industry should ever feel immune to the dangers of potential cyber-attacks.

Therefore, it’s worth considering third-party resources and assistance when dealing with attacks, especially from ransomware gangs. Managed service providers draw from a wide range of experience and veterans in the IT/cybersecurity sector, stay updated on best practices, and keep tabs on new cyberattack methods. They can also provide backup resources in instances of downtime, protecting valuable customer data in the process.

For more information about these services, you can contact Bytagig today.
