Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerabilities & Exploits » MGM Resorts breached by ‘Scattered Spider’ hackers: sources

MGM Resorts breached by ‘Scattered Spider’ hackers: sources

MGM Resorts breached by ‘Scattered Spider’ hackers: sources

By Zeba Siddiqui and Christopher Bing

SAN FRANCISCO/WASHINGTON – A hacking group named Scattered Spider brought down the systems of the $14 billion gaming giant MGM Resorts International this week, two sources familiar with the matter said, as U.S. law enforcement officials started a probe into the breach.

Several MGM systems remained paralyzed for a third straight day after it said on Monday it had shut some of them to contain a “cybersecurity issue.” The company, which operates over 30 hotel and gaming venues around the world including in Macau and Las Vegas, said it was investigating the incident.

A Bloomberg report separately said another casino operator, Caesars Entertainment, had been hacked and paid ransom to hackers who threatened to leak its data in recent weeks, citing two people familiar with the mater.

Shares of Caesars Entertainment and MGM both fell on Wednesday.

The cause and the full impact of the breaches was not immediately clear, although social media posts showed slot machines and systems down at MGM venues in Las Vegas.

Two sources familiar with the matter told Reuters the hacking group Scattered Spider was behind it. Identified by analysts last year, this group uses social engineering to lure users into giving up their login credentials or one-time-password (OTP) codes to bypass multi-factor authentication, the security firm Crowdstrike said in a blog post in January.

It is “one of the most prevalent and aggressive threat actors impacting organizations in the United States today,” Charles Carmakal, chief technology officer at Alphabet Inc’s Mandiant Intelligence said in a post on LinkedIn on Wednesday, following reports about the MGM breach.

“Although members of the group may be less experienced and younger than many of the established multifaceted extortion/ransomware groups and nation state espionage actors, they are a serious threat to large organizations in the U.S.,” he added.

Scattered Spider, also known as UNC3944, has hit telecom and business process outsourcing (BPO) companies in the past, but more recently also targeted critical infrastructure organizations, according to analyst reports.

“They leverage tradecraft that is challenging for many organizations with mature security programs to defend against,” Carmakal said.

The FBI said on Wednesday it was investigating the incident, but did not elaborate. The rating agency Moody’s warned the breach could negatively impact MGM’s credit rating.

Such attacks are typical hallmarks of ransomware incidents in which extortionists encrypt victims’ computer systems and demand ransoms in digital currency.

Analysts say casinos are prime targets of financially-motivated cybercrimes.

“They’re more likely to get paid because they’re disrupting casino operations,” said Allan Liska, intelligence analyst at the security firm Recorded Future.

“Casinos around the world should be on heightened alert because ransomware groups love it when they get this kind of attention, so we will likely see copycats.”

Moody’s analysts said in a report that the incident “highlights key risks related to (MGM’s) business operations’ heavy reliance on technology and the operational disruption caused when systems need to go offline or are inoperable.”

Messages seeking further comment from MGM and the U.S. cybersecurity watchdog agency CISA were not immediately returned. MGM Resorts’ website was “currently unavailable,” according to a holding message posted to the group’s homepage.

“Our investigation is ongoing and we are working diligently to determine the nature and scope of the matter,” MGM said in a post on the social media website X on Monday.

(Reporting by Raphael Satter, Zeba Siddiqui and Christopher Bing; Editing by Daniel Wallis and Stephen Coates)

 

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket