If you go to Las Vegas to have fun and gamble, think twice.
A ransomware group named “ALPHV,” also known as BlackCat, has been identified as the group behind a ransomware attack that affected MGM Grand casinos. It is reported that within 10 minutes, the group was able to hack into the company’s system and shut down all of the MGM Resorts International properties across the U.S.
It is stated that the malicious actors conducted a social engineering attack on the company with only a ten-minute phone call. VX states that “All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk,” It is also stated that the company has not provided specific details on the attack.
How did this attack affect the company and its customers?
- Hotel keys ineffective
- Checking in delays
- Slot machines display an error message
- The company's website is down
- Shut down of paid parking systems
So, what is the company’s next step?
In a Twitter post, MGM Resorts stated that they are taking the necessary steps to secure its systems. The extent of the attack remains unknown. It is also stated by reports that MGM Resorts will not pay the ransom.
Overall, while there aren’t specific details on the attack, this incident underscores the trend of cyberattacks targeting casinos, with Caesar's Palace being another notable victim. For hackers, these attacks present opportunities to ransom large-scale companies, emphasizing the critical need for enhanced cybersecurity measures and vigilance across industries, especially those dealing with sensitive customer data and financial transactions. As the digital landscape continues to evolve, proactive measures and collaborative efforts are essential in safeguarding against such cyber threats in the future.