MGM Resorts, the renowned hotel and entertainment giant operating multiple properties in Las Vegas, is experiencing a widespread outage after falling victim to a cyberattack. The company has been grappling with these system disruptions for four consecutive days now, with no immediate resolution in sight. The attack has led to significant disruptions across MGM’s hotels and casinos, with guests reporting issues related to ATMs, slot machines, room key cards, and electronic payment systems.
Key Takeaway
MGM Resorts continues to grapple with a widespread outage caused by a cyberattack, leading to disruptions across its hotels and casinos. Scattered Spider, a hacking group, claims responsibility for the MGM attack, as well as a recent cyberattack on Caesars Entertainment. The group employs social engineering tactics and recruits minors due to lenient legal consequences. Investigations into the incidents are ongoing.
Outage Frustrations Continue for MGM Guests
Despite earlier claims by MGM Resorts that its resorts, including dining, entertainment, and gaming areas, are operational, guests continue to face problems throughout the properties. Social media reports indicate that the casinos remain closed, leading to long queues forming outside affected locations. To manage the situation, resort staff has resorted to using pen and paper for essential operations. Additionally, guests have reported a lack of TV services in hotel rooms and offline phone lines.
Scattered Spider Claims Responsibility for MGM Attack
Scattered Spider, a notorious hacking group, has come forward to claim responsibility for the cyberattack on MGM Resorts. The collective vx-underground highlighted this claim, identifying Scattered Spider as a subgroup of the ALPHV ransomware gang. It remains uncertain whether any data was stolen from MGM’s systems and if the dark web leak site used by ALPHV has listed MGM Resorts as a victim.
Interestingly, Scattered Spider was also implicated in a recent cyberattack on Caesars Entertainment. The hackers targeted Caesars by breaching one of its IT vendors, demanding a ransom of $30 million. It was reported that Caesars paid about half of the ransom to prevent the disclosure of stolen data. In an 8-K filing with federal regulators, Caesars revealed that the hackers had stolen its loyalty program database, potentially compromising customer driver’s license and Social Security numbers.
Social Engineering Tactics and Recruitment of Minors
Scattered Spider revealed that they used social engineering techniques to compromise MGM Resorts. By finding an employee on LinkedIn and posing as help desk personnel, the hackers gained access to the individual’s account. The hacking group has a reputation for employing social engineering to infiltrate corporate networks. Notably, Scattered Spider comprises young adults and even teenagers, resembling other hacking groups involved in extortion.
Allison Nixon, chief research officer at Unit 221B, noted that these hackers are Western, not Russian, employing minors due to the lenient legal consequences they face. She explained that the group consciously recruits minors, as they know that even if caught, law enforcement is unlikely to take strict action against them.
Authorities Investigate the Attacks
MGM has not provided detailed information about the nature of the cyberattack beyond an 8-K filing. Both the FBI and U.S. authorities confirm investigations into the MGM cyberattack, but they declined to comment further. The FBI spokesperson chose not to disclose any details regarding the Caesars attack. At present, there is no comment from Caesars Entertainment or MGM Resorts regarding the incidents.