What You Can Learn from the 2023 MGM Las Vegas Cyber-Attack
What if your business fell victim to a cyber-attack tomorrow? Would you be ready to defend your assets, data, and reputation?
These are not hypothetical questions anymore; they are the uncomfortable reality businesses face. In fact, just recently in September 2023, the casino and hotel company MGM Resorts in Las Vegas dealt with widespread system outages and service disruptions following a cyberattack.
In our 20 years in the business, Intelligent Technical Solutions (ITS) has witnessed other organizations, some even smaller than MGM Resorts, suffer from similar cyber-attacks. This is what we learned: It can happen to anyone. That is why we’ve made it our mission to educate as many businesses as possible about cybercrime - to understand, prepare for, and defend against looming cyber threats.
So, in this article, we'll delve into:
- The details of the MGM Las Vegas incident and
- Crucial insights that will compel you to reevaluate your organization's digital defenses.
The MGM Grand Las Vegas Cyber Attack
Here’s what we know so far: a group of hackers called Scattered Spider claimed to use social engineering to find an MGM staff member’s information on LinkedIn. Using the stolen identity of the individual, someone who has elevated privileges, they called the helpdesk and asked for a password and MFA change. The incident disrupted MGM’s operations, affecting slot machines, electronic payments, digital keycards, ATMs, and paid parking systems, to name a few. Reports say the attack took only about ten minutes to execute.
Since then, the management of MGM is actively cooperating with law enforcement agencies and has engaged cybersecurity firms to contain the breach and secure their systems.
There’s no clear figure of how much MGM lost in revenue. But based on their most recent quarterly report, the company’s Vegas Strip properties generate tens of millions of dollars daily; it’s clear that the incident is also costly.
This incident serves as a stark reminder of the growing threats posed by cyberattacks on businesses – and a costly lesson about how you should prioritize and invest in your cybersecurity.
How can you prepare your business against cyberattacks?
The MGM Las Vegas ransomware attack offers several crucial lessons for businesses looking to protect their data and cybersecurity:
1. Prioritize Employee Training and Awareness
Cyberattacks often exploit human vulnerabilities, just like what happened with MGM. Regular employee training and awareness programs can help staff recognize phishing attempts and other social engineering tactics cybercriminals use. Employees should also be educated about the importance of strong passwords and safe online practices.
2. Invest in Robust Cybersecurity Measures
The incident highlights the importance of allocating resources to robust cybersecurity measures. Businesses need solutions with comprehensive visibility of endpoint, network and cloud services that identify risk in real-time. Also, continuously assess your cybersecurity infrastructure, keep software up to date, and employ the latest security tools and technologies to defend against evolving threats.
3. Employ Data Encryption
Data encryption can add a layer of protection, making it much more challenging for hackers to access sensitive information even if they breach a system.
Data encryption involves converting data into a code that is indecipherable without the corresponding decryption key. This means that even if hackers manage to breach a system, the data they encounter is useless without the encryption key.
4. Build an Incident Response Plan
As previously mentioned, all businesses should have well-defined incident response plans to mitigate the impact of cyberattacks. These plans should include steps for containing the breach, notifying affected parties, and restoring normal operations.
5. Doing Regular Backups
Regular data and systems backups are an essential component of an incident response plan. In the event of a ransomware attack, having clean backups can make it possible to restore systems without paying a ransom. It's crucial to ensure backups are stored securely and are regularly tested for reliability.
6. Ensure Rapid Response
In the case of MGM, they were quick to call the appropriate authorities, and that might have lessened the impact of the cyberattack. Reporting such incidents promptly allows for a more rapid response, potentially minimizing the extent of the damage and increasing the chances of identifying and apprehending the attackers.
7. Ensure Vendor Security
Evaluate and ensure the cybersecurity practices of third-party vendors and partners, especially if they have access to your systems or data. Weak links in your supply chain can become entry points for attackers.
8. Conduct Regular Security Audits
Conduct regular security audits and penetration testing to identify vulnerabilities before cybercriminals can exploit them. These tests should simulate real-world attack scenarios, helping you proactively strengthen your defenses and stay one step ahead of potential threats.
Doing so can bolster your cybersecurity posture and reduce the likelihood of falling victim to malicious actors.
How prepared are you for a cyber-attack?
Cybercrime organizations are financially motivated, and target victims with whatever exposed vulnerabilities they are able to exploit. If your business mostly revolves around financial transactions, your value as a ransomware target significantly increases. That is why it is vital to fortify your cybersecurity measures, continually assess vulnerabilities, and ensure you have a practical incident response plan in place, regularly practicing and refining that plan.
To gain more insights on this matter, you can reach out to any of our cybersecurity experts.
Here at ITS, we’ve been helping hundreds of clients create a secure environment for their businesses. Read through our vast collection of guides and case studies on cybersecurity by visiting our Learning Center. Here are some direct resources to get you started:
- What is Ransomware? [Updated]
- eBook - Ransomware Attack Protection Guide
- FBI-CISA Ransomware Awareness Advisory