Recent Casino Robberies
Two of the biggest casinos—MGM and Caesars—have been slammed with ransomware attacks in recent weeks.
Caesars has not denied news reports that it already paid the hackers $15 million, which, by the way, was only 50% of the demand. MGM appears to be resisting the ransomware extortion, but its hotels and casinos are in chaos.
How can this happen?
The answer is “social engineering.” A previous EO Advisor article focused on social engineering, and that is the vulnerability that allowed “Scattered Spider” to infiltrate MGM and Caesars.
The topline explanation is that the hackers used public sources such as LinkedIn to become very familiar with a specific employee. Impersonating that employee, they called the casino’s IT help desk and had the password reset. The moment the intruders were inside the employee-only network, they created a ghost employee “living inside” a real employee’s computer. From that point the hackers became patient and deliberate, carefully worming their way into deeper levels of the casino’s IT systems.
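As an added illustration, not code from the original article or from EO Advisor, here is a small Python check for the pattern just described: a help-desk password reset followed within an hour by a sign-in from a device that user has never used before. The log events are constructed sample data, and the field names, the one-hour window and the list of "weak" verification methods are assumptions a real deployment would adapt to its own ticketing and sign-in logs.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real MGM or Caesars data). "jdoe" gets a
# help-desk reset verified only by a phone call, then signs in minutes later
# from a never-before-seen device; "asmith" is reset in person and signs in
# from her usual laptop.
EVENTS = [
    {"ts": "2023-09-09T08:00:00", "type": "logon", "user": "asmith", "device": "LT-2210", "country": "US"},
    {"ts": "2023-09-10T09:02:00", "type": "logon", "user": "jdoe", "device": "LT-4471", "country": "US"},
    {"ts": "2023-09-10T13:15:00", "type": "helpdesk_reset", "user": "jdoe", "verified_by": "phone_call"},
    {"ts": "2023-09-10T13:21:00", "type": "logon", "user": "jdoe", "device": "UNKNOWN-9f3a", "country": "DE"},
    {"ts": "2023-09-10T14:00:00", "type": "helpdesk_reset", "user": "asmith", "verified_by": "in_person"},
    {"ts": "2023-09-10T14:05:00", "type": "logon", "user": "asmith", "device": "LT-2210", "country": "US"},
]

WINDOW = timedelta(hours=1)
# Assumed categories: checks a caller can pass with facts scraped from public profiles.
WEAK_VERIFICATION = {"phone_call", "security_questions"}


def find_suspicious_resets(events, window=WINDOW):
    """Return one alert per help-desk reset that is followed, within `window`,
    by a sign-in from a device the user had not used before the reset."""
    events = sorted(events, key=lambda e: e["ts"])  # ISO timestamps sort as text
    known_devices = {}  # user -> devices seen in sign-ins *before* the current event
    alerts = []
    for i, ev in enumerate(events):
        if ev["type"] == "logon":
            known_devices.setdefault(ev["user"], set()).add(ev["device"])
            continue
        if ev["type"] != "helpdesk_reset":
            continue
        reset_at = datetime.fromisoformat(ev["ts"])
        seen_before = set(known_devices.get(ev["user"], set()))  # snapshot at reset time
        for later in events[i + 1:]:
            if datetime.fromisoformat(later["ts"]) - reset_at > window:
                break  # events are sorted, so nothing further is inside the window
            if (later["type"] == "logon" and later["user"] == ev["user"]
                    and later["device"] not in seen_before):
                alerts.append({
                    "user": ev["user"],
                    "reset_at": ev["ts"],
                    "logon_at": later["ts"],
                    "new_device": later["device"],
                    "country": later["country"],
                    "weak_verification": ev["verified_by"] in WEAK_VERIFICATION,
                })
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_resets(EVENTS):
        print(alert)
```

A hit where `weak_verification` is true is the case worth paging on: the help desk reset the password on the strength of a conversation, and the first sign-in afterwards came from somewhere the real employee has never been.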
David Kennedy, the CEO of TrustedSec, has been on the news networks explaining how MGM and Caesars could be vulnerable to this nightmare. Movies like “Ocean’s 11” portray the intense physical security that casinos use to protect money, but because casinos are in the hospitality industry, they resist cybersecurity upgrades that might disrupt the customer experience.
85% of all ransomware attacks begin with social engineering.
Spotting this type of hack is not easy. To address that kind of challenge, we upgrade security for all of our clients by installing endpoint detection and response software (EDR). To learn more about EDR, read this EO Advisor article.
EDR is a strong software solution, but the critical defense against social engineering is employee training. Criminals might try to trick company employees 500 times and fail 499 times. That is still a win for them, because one mistake by one employee just one time is all they need to gain access to company networks and data. Industry data suggests that efforts to trick employees with social engineering tactics work 40% of the time. That is scary. However, if criminals keep running into employees who are trained to ignore and report phishing attempts, they move on to some other company where the employees are not as well trained.
Please take the news about MGM and Caesars seriously. Ransomware attacks against small companies are common today. These attacks are just as painful for the victims even though we don’t read about them in the news.
Note about sources: The Las Vegas Review-Journal covers the casino industry and their reporting about these cyberattacks is useful for people looking to dive deeper into the situation with MGM and Caesars. EO Advisor benefited from their reporting.