The Slots Fall Silent

Uploaded on 2023-09-19 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The MGM company’s casinos and hotels have experienced severe IT web outage and disruption, with financial impacts of the outage expected to be significant. MGM Resorts International reported a "cyber security issue" on 11th September, which has affected its hospitality, gaming and entertainment properties across the US and MGM. 

This resulted in a shut down a number of its computer systems including its website in response to a “cybersecurity issue,” the company said in a social media post 

The initial shutdown impacted nearly every aspect of the casino operator’s business. Everything from slot machines, room keys, ATMs and reservations have been affected.

Employees are currently unable to access their company emails and almost a week later it remains unclear when systems will be back online.

According to reports, the same hackers who breached MGM have also attacked another leading casino operator, Caesars Entertainment, breaking into their systems as well as those of three other non-gaming companies. David Bradbury, chief security officer of the identity management company Okta, told reporters that five of the company's clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August.

Multiple MGM sites have been affected including the MGM Grand Detroit, MGM Northfield Park in Ohio, Empire City Casino in NYC, Beau Rivage in Mississippi, Borgata in Atlantic City and MGM Springfield in Massachusetts. Reservation systems, booking systems, online reservations, and in-casino services, like ATMs, slot machines, and credit card machines, hotel electronic key card systems, and the casino floors were all apparently impacted by the outage. 

ALPHV Claim Responsibility

In an unprecedented development, ransomware group ALPHV has publicly claimed responsibility for the MGM Resorts attack, publishing a statement on their Dark Web website. ALPHV warned MGM of further attacks if it didn't strike a deal. It's unclear how much ransom ALPHV has demanded.

Now, the cybersecurity company Check Point have produced a blog detailing up to date stats on the group including the geographical spread of their victims and the sectors they target.

Threat intelligence group manager at Check Point Research Sergey Shykevich observed: “This incident is yet more proof of the growing trend of ransomware attackers focusing on data extortion and targeting of non-windows operating systems. The model of ransomware as a service (RaaS) continues to be very successful, combining strong technological infrastructure for the attacks, with savvy and sophisticated affiliates that find the way to penetrate major corporations."

The resort owner issued a further statement, saying it recently identified an issue "affecting some of the company's systems.. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cyber security experts...  Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter."

Casino industry site Vital Vegas said the attack was "devastating" because "MGM Resorts has about 48,000 rooms on The Strip."

According to Okta, a different hacking gang alternately known as known as UNC3944 or Scattered Spider appears to have worked with ALPHV on the latest hacks "Think of them more as business associates or affiliates," David Bradbury said. Mandiant  has described UNC3944, as one of the most disruptive hacking groups in the United States

Guests at some other Las Vegas locations, which include Aria, Bellagio, Luxor and Mandalay Bay took to social media to report continued disruptions affecting ATM and credit card machines, digital room keys, slot machines, and other electronics systems.

CNBC:    CheckPoint:     MGMResorts:   NBC:    Regsiter:    ITPro:    Mirror:   Bleeping Computer

USA Today:     Reuters:     Mandiant

Image: Cottonboro Studio

You Might Also Read: 

The Intercontinental Hotels Group was ‘Hacked for Fun!’:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Another British Police Force Leaks Confidential Data
Dealing With Security Incidents In The Enterprise Sector  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cysec - TU Darmstadt

Cysec - TU Darmstadt

CYSEC is the Cybersecurity faculty of the Technical University of Darmstadt and performs internationally renowned research in numerous areas of cybersecurity.

Bericon Forensics

Bericon Forensics

Bericon is one of the longest established forensic science consultancies in the UK. Activities include computer and mobile phone forensics.

Wibu-Systems

Wibu-Systems

Wibu-Systems is a leading provider of solutions for the Digital Rights Management (DRM) and anti-piracy industry.

Cybersecurity & Infrastructure Security Agency (CISA)

Cybersecurity & Infrastructure Security Agency (CISA)

CISA leads the national effort to defend critical infrastructure against the threats of today and to secure against the evolving risks of tomorrow.

Approachable Certification

Approachable Certification

Approachable Certification is a UKAS accredited certification body offering down-to-earth and competitively priced audits against ISO Management Systems standards.

Department of Justice - Office of Cybercrime (DOJ-OOC)

Department of Justice - Office of Cybercrime (DOJ-OOC)

The Office of Cybercrime within the Philippines Department of Justice is the Central Authority in all matters relating to international mutual assistance and extradition for cybercrime.

National Health Care Anti-Fraud Association (NHCAA)

National Health Care Anti-Fraud Association (NHCAA)

National Health Care Anti-Fraud Association is the leading national organization focused exclusively on the fight against health care fraud.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

ISA Security Compliance Institute (ISCI)

ISA Security Compliance Institute (ISCI)

ISCI, a not-for-profit automation controls industry consortium, manages the ISASecure™ conformance certification program for industrial automation and control systems.

TWC IT Solutions

TWC IT Solutions

Since 2011, TWC IT Solutions has offered managed IT Support, Cybersecurity, Disaster Recovery, Contact Centre and Business Connectivity services to clients across 24 countries globally.

Condition Zebra

Condition Zebra

Condition Zebra has wide experience in providing IT Security Services, Training, and Certification in the field of cybersecurity.

Alias

Alias

Alias (formerly Alias Forensics) provide penetration testing, vulnerability assessments, incident response and security consulting services.

Feroot Security

Feroot Security

Feroot Security secures client-side web applications so that businesses can deliver a flawless user experience to their customers. Our products help organizations protect their client-side surface.

Polygraph

Polygraph

Polygraph monitors the activities of click fraud gangs, including how they operate, who they target, the techniques they use, and how to detect their fraud.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

Beround

Beround

Beround is an IT consultancy firm specialized in software testing.