MGM Resorts Hit by ALPHV/BlackCat Ransomware Attack

The Breach

MGM Resorts, a $33.9 billion entertainment and hospitality giant, was breached through a social engineering attack. The attackers exploited LinkedIn to find an employee and then called the Help Desk, highlighting the vulnerability of even major corporations to social engineering tactics.

The cyberattack forced MGM Resorts to shut down its network systems, causing chaos. Guest rooms, digital room keys, slot machines, ATMs, and casino floors were all affected. The company’s websites and mobile app also went offline, leaving staff struggling to manage guest complaints.

MGM Resorts implemented drastic measures to mitigate the threat, with slot machines being affected despite their usually segregated networks. The extent of the breach raises concerns about potential financial setbacks.

Aftermath and Debates

Despite claims of service restoration, long queues at front desks persisted, reflecting the severity of the situation. Security experts debate the attackers’ methods, including vishing, and the potential impact on the company’s ability to pay its employees.

The MGM cyberattack serves as a reminder that cyber risk transcends industries. It underscores the need for robust cybersecurity measures and vigilance across all sectors, as cyber threats continue to evolve.

Operating since 2021, this group is known for using the Rust programming language and collaborating with other ransomware groups. Their recent breach of Seiko, a semiconductor manufacturer, underscores their audacity and capabilities.

The MGM Resorts cyberattack highlights the evolving cyber threats facing organizations globally. As the situation unfolds, it remains to be seen how MGM Resorts will recover and whether they will face financial difficulties. This incident underscores the critical importance of cybersecurity in the digital age, urging organizations to remain vigilant against evolving cyber threats.