What Happened?<\/p>\n\n\n\n
It all began in September of 2023, when the Casino Resort MGM discovered a security
breach where a third party obtained personal customer information including phone numbers,
driver\u2019s license information, and for some even social security information. A group of hackers
called Scattered Spider took credit for the breach. It is believed that they accessed the MGM
systems by using phishing techniques to acquire employee login credentials and then use that
information to login to the system. Once into the system they reset the multifactor authentication
(MFA) and added an identity provider (IdP) to MGM\u2019s network allowing them to increase their
control over the network and access their cloud assets (Thompson 2023).<\/p>\n\n\n\n
Vulnerabilities & Repercussions<\/p>\n\n\n\n
This attack exposes the vulnerabilities of \u201cthe human factor\u201d of cybersecurity with the
employees being prone to these phishing attacks, likely due to a lack of training against it.
MGM\u2019s failure to detect the MFA reset is also a notable issue because if it had been detected
they could have mitigated loss or even limited the attacker\u2019s access. The attack in the system
caused ATM\u2019s and slot machines to not operate, guest suite cards and key cards to not work,
electronic payments were not working and some TV and phone lines to go down causing the
casino to close down many operations for days. The result of this attack was the loss of millions
of dollars from MGM every day.<\/p>\n\n\n\n
Mitigation Tactics<\/p>\n\n\n\n
Ways MGM could mitigate these issues in the future are monitoring their MFA systems
and if that system is via third party, establish higher cybersecurity standards. Another way to
mitigate is by having intrusion detection systems and incident response plans (Convocar 2023). These plans can include keeping backups be it physically or on a separate system so in the case
of an incident or breach the system can quickly recover. Also ensuring that the backups are
updated regularly and that the systems both hardware and software are up to date.<\/p>\n\n\n\n
References<\/p>\n\n\n\n
Convocar, Jessa Mikka. \u201cWhat You Can Learn from the 2023 MGM Las Vegas Cyber-Attack.\u201d
Intelligent Technical Solutions, Intelligent Technical Solutions, 4 Oct. 2023,
www.itsasap.com\/blog\/mgm-ransomware-attack-takeaways.
Thompson, Andy. \u201cThe MGM Resorts Attack: Initial Analysis.\u201d Identity Security and Access
Management Leader, 16 Nov. 2023, www.cyberark.com\/resources\/blog\/the-mgm-resorts-
attack-initial-analysis.
Siddiqui, Zeba. \u201cCasino Giant MGM Expects $100 Million Hit from Hack That Led to Data …\u201d
Reuters, 5 Oct. 2023, www.reuters.com\/business\/mgm-expects-cybersecurity-issue-
negatively-impact-third-quarter-earnings-2023-10-05\/.<\/p>\n","protected":false},"excerpt":{"rendered":"
What Happened? It all began in September of 2023, when the Casino Resort MGM discovered a securitybreach where a third party obtained personal customer information including phone numbers,driver\u2019s license information, and for some even social security information. A group of hackerscalled Scattered Spider took credit for the breach. It is believed that they accessed the… <\/p>\n