Hackers shut down Las Vegas casinos

• Two Las Vegas casinos have been compromised by hackers.
• MGM Resorts International in Las Vegas is still sorting out the problem with its casinos – but most of its systems are offline.
• The same hacking group also hacked Caesars Entertainment weeks earlier.

Viva Las Vegas! Given the number of casinos operating in Las Vegas, the security in the area is some of the tightest in the world. The average casino in Las Vegas has around 2000 CCTV cameras, with around 50 personnel monitoring them in real-time. These surveillance cameras monitor the gamblers in the casinos to ensure there is no fraud or cheating taking place.

Unlike the fiction we’re led to believe by Danny Ocean and his team, as well as other fictional casino heist movie heroes, over the years, security in casinos in Las Vegas has improved. Most theft cases that happen in casinos do’nt lead to severe losses for the gambling companies. In fact, most forms of theft in the casino are resolved very quickly.

Today, technology has enabled most of the machines in casinos to be digitized. Most of the companies that own the casions have also digitized their operations, including how they handle their guests in their resorts, booking systems and other customer journey systems. Almost all casinos today also use the cloud to speed up their operations and to ensure smoother processes and effectiveness for their customers.

“This place houses a security system that rivals most nuclear missile silos.”

As casinos use the cloud and more digital solutions, they have increased their cybersecurity coverage. In fact, casinos are known to have some of the most secure cybersecurity protection in the world. Despite this, there is still a possibility of cyber-incidents happening in casinos.

For example in 2019, MGM Resorts International, one of Las Vegas’s biggest casinos, suffered a security breach when one of its cloud service providers was breached. Hackers stole more than 10 million customer records. MGM has since boosted its cybersecurity defenses.

Las Vegas Casinos breached

Despite all this, MGM has suffered another cybersecurity incident. According to a report by Bloomberg, MGM had some of its services go offline, including its website, as hackers took over their systems. It’s believed the hack was committed by the same group of hackers that breached Caesars Entertainment Inc., another casino in Las Vegas, a few weeks earlier.

The hackers have since demanded a ransom from MGM, having apparently locked up the company’s files. The ransom amount has yet to be confirmed, as MGM works with authorities to solve the problem.

“MGM Resorts recently identified a cybersecurity issue affecting certain of the company’s systems. Promptly after detecting the issue, we began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and are taking steps to protect our systems and data, including shutting down certain systems. Our investigation is ongoing, and we are working diligently to resolve the matter. The company will continue to implement measures to secure its business operations and take additional steps as appropriate,” MGM explained.

Bloomberg also reported that Caesars had paid tens of millions of dollars to hackers who broke into the company’s systems. The hackers had threatened to release the company’s data if the ransom were not paid.

According to a Reuters report, it was a hacking group named Scattered Spider that brought down MGM’s systems. Identified by analysts last year, the group uses social engineering to lure users into giving up their login credentials or one-time-password codes to bypass multi-factor authentication.

Watch the video below to get an idea of how bad the situation is at MGM in Las Vegas.

The recent hack into the MGM Resorts computer systems continues into day three with no end in sight, though a hacker group has taken credit for the attack.

Las Vegas continues to push through, but many hotels are reeling.

Let’s get into it! pic.twitter.com/nnpPVx3Lwk

— L.A. in a Minute (@LaInaMinute) September 13, 2023

Who is Scattered Spider?

In a LinkedIn post, Charles Carmakal, CTO at Mandiant Intelligence, explained that Scattered Spider, also known as #UN3944, is one of the most prevalent and aggressive threat actors impacting organizations in the US today.

“They have recently gained a lot of attention because of their targeting of hospitality and entertainment organizations. Although members of the group may be less experienced and younger than many of the established multifaceted extortion/ransomware groups and nation-state espionage actors, they are a serious threat to large organizations in the US. Many members are native English speakers and are incredibly effective social engineers,” said Carmakal.

Apart from being incredibly disruptive and aggressive, Carmakal said they cause IT outages in several ways that don’t necessarily involve the deployment of ransomware encryptors. He added that they’ve seen the group deploy Black Cat encryptors in a subset of the victim environments that they’ve compromised, as well as using the ALPHV shaming infrastructure for a few victims they’ve extorted.

The FBI is currently investigating the cybersecurity issue, which has also affected credit card transactions at various MGM Resorts International properties.

Reuters also reported that the Scattered Spider hacking group said it took six terabytes of data from the systems of multi-billion-dollar casino operators MGM Resorts International and Caesars Entertainment. Speaking to Reuters via the messaging platform Telegram, a representative for the group said it did not plan to make the data public, and declined to comment on whether it had asked the companies for ransom.

---

---

---

---