Attacks on the biggest establishments - MGM Resorts and Caesars - have been one of the main topics of the past weeks. Losses run into the hundreds of millions of dollars. The companies' stocks have plummeted sharply downward. Most importantly, a huge array of players' personal data has likely been compromised, although the casinos deny the possibility. Therefore, the issue of cybersecurity has become extremely acute. Analysts investigate how things are going with user data protection and casino security.
What happened at MGM and Caesars
The hacker attack on MGM Resorts took place on September 11 this year. It all started when the casino reported security problems at the company. The message appeared on the social network X (formerly Twitter). MGM then tried to pretend as if everything was under control, assuring that all necessary measures to protect customer data had been taken.
However, this reassuring assertion proved to be somewhat premature. Hackers continued to attack the casino, causing the company's operations to be interrupted for several days. Hotel room keys, slot machines, and many other things in the infrastructure of the hotels and casinos were affected. Most of the impact came in Las Vegas.But the reverberations were felt around the world, as MGM is one of the largest companies offering offline casino services.
Most of the facilities had to be converted to "analog mode. “Staff recorded bets and winnings on paper. In just a few hours, the biggest and richest casino chain returned not even to the middle, but the beginning of the twentieth century.
In all, it took the company more than ten days to recover. Only on September 20, MGM reported that everything was working normally. However, to this day, some functions are still unavailable - mainly related to advertising and bonuses.
Less is known about the attack on Caesars. However, the company reported that it was also attacked by hackers, and it happened on September 7. Caesars does not go into details about what facilities were affected, or what damage the casino suffered. They also ensure that players' personal data is not affected. However, there have been repeated reports that Caesars actually paid off the hackers, giving more than 15 million dollars.
How the attack occurred
The exact details are not known. However, there is information that the Scattered Spider group, also known as UNC3944, is behind both attacks. The hackers used a special hacking software, BlackCat Ransomware as a Service (RaaS). However, in such cases, software alone is not enough.
Social engineering comes to the fore. There are various ways to manipulate and deceive to gain access to sensitive information. It is believed that in both cases, some third party was the culprit.
Caesars blames the IT support provider. In MGM's case, a "planted duck" entered the trust as an employee before gaining access to the passwords and data needed.
The hackers may also have used information found on the social network LinkedIn to pretend to be employees of the IT company.
Fishing: the main threat
Analysts have already drawn the main conclusion from the situation. The IT defense systems themselves are quite reliable. No hacker software can crack them without the "human factor". The latter is most often phishing. Many of us have encountered it when we were sent a dubious link to enter our card number. Or a call from a bank informing us about a loan allegedly taken out in our name - "Protect your money by forwarding it to such and such a contact".
Seemingly obvious techniques. But they work because today's cybercriminals rely less and less on software and more and more on social engineering.The methods are becoming more sophisticated. Cybercriminals use dipfakes to mimic the voice and face of trusted people - for example, the head of security or the IT department. This is what enables criminals to carry out their black designs.
Why offline casinos are at risk
In online establishments, everything is decentralized. There is no single head of security who can give away all access. Protection goes through several stages - even if one person in the chain gets caught phishing, another can turn on the mind in time and catch an insidious hacker by the hand.Therefore, the analysts conclude, that virtual casinos, as well as other decentralized institutions, are now more secure. They rely more often on AI, and it is harder to deceive a machine than a human.
In the future, analysts believe that offline establishments will also strive to minimize the human factor. This is the only way to protect themselves from hacker attacks.
