Search Tools Links Login

Las Vegas Cyberattacks Linked to Scattered Spider Hackers

Posted: 2023-09-25
By: dwirch
Viewed: 264

Filed Under:

News, Security

No attachments for this post

Las Vegas' top casinos and hotels, including MGM Resorts' crown jewels like Bellagio, Aria, and Mandalay Bay, have been rattled by a major cyberattack. This event, linked to the hacker group often known as "Scattered Spider," has emerged as one of the most talked-about cyber breaches in recent times.

Distinctive for being native English speakers, a trait uncommon in a cybercrime world dominated by Russians and Eastern Europeans, this group has been associated with other significant breaches in the U.S., using a unique tactic: social engineering through phone calls and tech support chats.

After the cyber onslaught, MGM Resorts was thrown into chaos: casino activities halted, hotel key cards malfunctioned, and even by Friday, employees couldn't access corporate emails. While the company later announced that a majority of their services remained operational, the magnitude of the breach was evident.

The subtlety of their approach lies in its simplicity. Wendi Whitmore from Palo Alto Networks elucidated how the group typically manipulates situations, seeking password resets from help desks with believable pretexts, such as returning from vacations. As help desks aim for swift resolutions, this tactic often works.

Another gaming giant, Caesars Entertainment, which oversees landmarks like Tropicana and Harrah’s, disclosed a hack in a recent SEC filing. However, unlike MGM, Caesars avoided public outages, leading to speculation they might've paid the hackers to prevent disruptions.

This enigmatic hacker group lacks a conspicuous online presence, but cybersecurity firms have been closely monitoring their activities. Charles Carmakal from Mandiant, a Google-owned cybersecurity entity, highlighted their extensive intrusion track record, suggesting they've compromised various U.S. firms, many of which remain undisclosed.

Caesars pinpointed their breach's origin to a social engineering scheme targeting one of their tech support vendors. However, MGM hasn't detailed the hackers' entry mode. The FBI has confirmed its active role in the investigations, refraining from further comments.

The location of these hackers remains ambiguous. But with the collective effort of global law enforcement and cybersecurity firms, Whitmore remains optimistic about the potential to disrupt their activities, especially if they are based in the U.S.

Comments on this post

No comments have been added for this post.

You must be logged in to make a comment.