MGM Resorts International, the Las Vegas-based business group that operates casinos, hotels and shows around the world, is in the midst of a cyber crisis. A group of hackers calling themselves "Scattered Spider", made up of young people between 19 and 22 years old, managed to paralyze the computer systems of the hotel and casino chain this weekend, including its iconic establishments on the Las Vegas Strip. The attack, which began last weekend, has created significant chaos in MGM Resorts' operations and affected thousands of customers.
The consequences of this attack have been evident to visitors in the last week at MGM Resorts casinos and hotels. Most slot machines, hotel communication systems and other critical infrastructure are out of service; At the registration desks of the huge hotels in Nevada City, long lines form due to the impossibility of using room access cards. The ATMs do not work, and neither do the vending machines for drinks and food. And frustration and complaints from customers and guests have progressively increased in recent days.
MGM Resorts did not sit idly by in the face of this attack. The company began an investigation in collaboration with the FBI to track down those responsible behind "Scattered Spider", as they announced through social networks.
Additionally, the rating agency Moody's issued a warning about the possible negative impact on the credit rating of the MGM company, which is valued at $14 billion.
The incident is reminiscent of the recent attack on Caesars Entertainment, another $12 billion casino operator, which was also targeted by "Scattered Spider." In that case, the hackers threatened to leak sensitive data and demanded a $30 million ransom, reaching an agreement to pay about half of that. Both episodes underscore the hotel and casino industry's growing vulnerability to cyber threats and the need to implement stronger security measures.
"Scattered Spider"'s strategy relies on social engineering to obtain login credentials and password codes, allowing them to bypass multi-factor authentication. This tactic has proven effective in several attacks and represents a significant cybersecurity challenge in the industry.
According to VC Underground, all the cybercriminals needed was a brief phone interaction and collaboration with a ransomware-as-a-service group known as ALPHV or BlackCat. This situation led to reflection on the preparation of organizations to deal with telephone attacks compared to email attacks.
The financial impact of this attack on MGM Resorts is substantial, as the company generates an average of $13 million in daily revenue on the Las Vegas Strip. MGM operates 30 hotels and gaming venues around the world, and its largest websites, including MGM Grand, Mandalay Bay, Bellagio, Aria and The Cosmopolitan, have been inaccessible for days, according to VC Underground. The economic and operational consequences are evident, as visitors experience difficulties in their reservations and transactions.
Casinos are prime targets for financially motivated crime as their cybersecurity is not “top-notch.” Speaking to Reuters, intelligence analyst at security firm Recorded Futuro, Allan Liska, said that "casinos around the world should be on high alert because ransomware groups love to receive this kind of attention, so that we will probably see imitators.
The question that remains is whether these attacks will become a worrying pattern in the future and how the industry will respond to this growing threat.
