The Slots Fall Silent

The MGM company’s casinos and hotels have experienced severe IT web outage and disruption, with financial impacts of the outage expected to be significant. MGM Resorts International reported a "cyber security issue" on 11th September, which has affected its hospitality, gaming and entertainment properties across the US and MGM. 

This resulted in a shut down a number of its computer systems including its website in response to a “cybersecurity issue,” the company said in a social media post 

The initial shutdown impacted nearly every aspect of the casino operator’s business. Everything from slot machines, room keys, ATMs and reservations have been affected.

Employees are currently unable to access their company emails and almost a week later it remains unclear when systems will be back online.

According to reports, the same hackers who breached MGM have also attacked another leading casino operator, Caesars Entertainment, breaking into their systems as well as those of three other non-gaming companies. David Bradbury, chief security officer of the identity management company Okta, told reporters that five of the company's clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August.

Multiple MGM sites have been affected including the MGM Grand Detroit, MGM Northfield Park in Ohio, Empire City Casino in NYC, Beau Rivage in Mississippi, Borgata in Atlantic City and MGM Springfield in Massachusetts. Reservation systems, booking systems, online reservations, and in-casino services, like ATMs, slot machines, and credit card machines, hotel electronic key card systems, and the casino floors were all apparently impacted by the outage. 

ALPHV Claim Responsibility

In an unprecedented development, ransomware group ALPHV has publicly claimed responsibility for the MGM Resorts attack, publishing a statement on their Dark Web website. ALPHV warned MGM of further attacks if it didn't strike a deal. It's unclear how much ransom ALPHV has demanded.

Now, the cybersecurity company Check Point have produced a blog detailing up to date stats on the group including the geographical spread of their victims and the sectors they target.

Threat intelligence group manager at Check Point Research Sergey Shykevich observed: “This incident is yet more proof of the growing trend of ransomware attackers focusing on data extortion and targeting of non-windows operating systems. The model of ransomware as a service (RaaS) continues to be very successful, combining strong technological infrastructure for the attacks, with savvy and sophisticated affiliates that find the way to penetrate major corporations."

The resort owner issued a further statement, saying it recently identified an issue "affecting some of the company's systems.. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cyber security experts...  Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter."

Casino industry site Vital Vegas said the attack was "devastating" because "MGM Resorts has about 48,000 rooms on The Strip."

According to Okta, a different hacking gang alternately known as known as UNC3944 or Scattered Spider appears to have worked with ALPHV on the latest hacks "Think of them more as business associates or affiliates," David Bradbury said. Mandiant  has described UNC3944, as one of the most disruptive hacking groups in the United States

Guests at some other Las Vegas locations, which include Aria, Bellagio, Luxor and Mandalay Bay took to social media to report continued disruptions affecting ATM and credit card machines, digital room keys, slot machines, and other electronics systems.

CNBC:    CheckPoint:     MGMResorts:   NBC:    Regsiter:    ITPro:    Mirror:   Bleeping Computer

USA Today:     Reuters:     Mandiant

Image: Cottonboro Studio

You Might Also Read: 

The Intercontinental Hotels Group was ‘Hacked for Fun!’:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible



 

« Another British Police Force Leaks Confidential Data
Dealing With Security Incidents In The Enterprise Sector  »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CDW

CDW

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

Delphix

Delphix

Delphix is the industry leader for DevOps test data management.

Secure Source

Secure Source

Secure Source specialise in search and recruitment for Cyber Security and Security Cleared markets.

Gate 15

Gate 15

Gate 15 provide risk management services focusing primarily on information, intelligence and threat analysis, operational support and preparedness.

TeachPrivacy

TeachPrivacy

TeachPrivacy provides computer-based privacy and data security training that is engaging, memorable, and understandable.

Harel Mallac Technologies

Harel Mallac Technologies

Harel Mallac Technologies is a Mauritian organisation that has developed a strong network of ICT specialists with nodes across the African continent.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Aigner Business Solutions

Aigner Business Solutions

Aigner Business Solutions GmbH is a specialist in IT-Security and Data Protection. Concise and focussed.

CYMOTIVE Technologies

CYMOTIVE Technologies

Combining Israeli cyber innovation with a century of German automotive engineering. CYMOTIVE operates under the assumption that connectivity is a game changer for the automotive industry.

VISTA InfoSec

VISTA InfoSec

VISTA InfoSec is a global Information Security Consulting firm with offices based in US, UK, Singapore and India.

Celcom

Celcom

Celcom is the oldest mobile telecommunications provider in Malaysia, providing solutions and services to consumers and businesses.

B2Bcert

B2Bcert

B2BCERT one of the top companies offering ISO 9001, ISO 14001, ISO 45001, ISO 22000, ISO 27001, ISO 20000,CE Marking, HACCP, and other globally accepted standards and Management solutions.

TerraEagle

TerraEagle

Terraeagle is a boutique cyber security services company providing tailor-made solutions. Our core competency is in SOCaaS, MDRaaS & and Incident Response Retainer Services.