In a recent cybersecurity incident, MGM Resorts experienced significant disruptions across its U.S. casino and integrated resort network. The incident, deemed “credit negative” by Moody’s Investors Service, sheds light on critical risks to the company’s operations.
Impact of the Incident
The incident, which occurred on a Monday, forced MGM to take several drastic measures. The company had to shut down its website and reservation systems, leaving potential guests in the lurch. Moreover, banks of slot machines were temporarily offline, and ATMs and credit card systems ceased to function. Some guests were even locked out of their hotel rooms due to malfunctioning digital keys. Guests were left waiting for payouts as some casino operations continued to grapple with the disruption.
Moody’s Assessment and Identified Risks
Moody’s Investors Service highlighted several risks associated with MGM Resorts. The company’s heavy reliance on technology became evident as systems had to go offline or became inoperable. These disruptions could lead to potential revenue losses, damage the company’s reputation, and result in direct costs related to investigation and remediation. Legal expenses and liabilities stemming from compromised data further compound the risks. Although most operations have been restored, MGM’s website remains down nearly three days after the initial incident.
Industry-Specific Cybersecurity Risk
The gaming and gambling industry, as Moody’s pointed out, carries a “moderate cybersecurity risk” due to its highly digitized nature and the wealth of personal data it manages. This includes sensitive information about U.S. executives and government officials with security clearances, which makes it an attractive target for nation-state hackers.
Bitsight’s Evaluation and Patching Cadence
Bitsight, a cybersecurity ratings and analytics company, assigned MGM Resorts an “F” grade for its patching cadence – the speed at which the company remediates known vulnerabilities. Research by Bitsight has shown that organizations with an “F” grade in patching cadence are 3.2 times more likely to fall victim to cyber incidents. This raises questions about MGM’s proactive approach to addressing cybersecurity vulnerabilities.
Attackers’ Tactics and Potential Response
According to the malware research group VX-Underground, the cyber attack on MGM was perpetrated by the ransomware group ALPHV. They noted that ALPHV is adept at social engineering for initial access, and in this case, they exploited a simple method: contacting an employee via LinkedIn and subsequently calling the Help Desk. The ease with which this breach occurred underscores the need for robust employee training in cybersecurity. Interestingly, VX-Underground believes that MGM is unlikely to pay any ransom.
Conclusion and Cybersecurity Recommendations
The MGM Resorts cybersecurity incident serves as a stark reminder of the vulnerabilities that even major companies face in today’s digital landscape. It emphasizes the need for proactive measures, including improving patching cadence, bolstering defenses against social engineering, and safeguarding valuable data. As organizations continue to grapple with evolving cyber threats, a comprehensive approach to cybersecurity remains paramount to mitigate risks and protect sensitive information.
By examining this incident from multiple angles, we gain a deeper understanding of the challenges and opportunities for improvement in the realm of cybersecurity within the gaming and hospitality industry.