Ransomware Strikes MGM & Caesars

Assessment of cybersecurity points to high risks at MGM and Caesars Entertainment venues.

Assessment of cybersecurity points to high risks at MGM and Caesars Entertainment venues.It’s a concerning development that the owners of casinos along the Las Vegas Strip are now more susceptible to cyberattacks. Caesars Entertainment, MGM Resorts International’s rival, is apparently getting ready to reveal that it too has been the target of a ransomware attack, just a few days after MGM Resorts International admitted to being the victim of a major cyberattack.

Unnamed sources with knowledge of the matter have told Bloomberg that a hacking gang going by the name “Scattered Spider,” or UNC 3944, successfully extorted an undisclosed amount from Caesars Entertainment by infiltrating the gambling giant with ransomware. Unverified rumors on social media sites imply that the cybercriminals may have wanted as much as $30 million, if not more, despite the lack of official proof regarding the precise sum.

As per the latest regulations set forth by the Securities and Exchange Commission (SEC), publicly traded corporations are required to notify their investors of “material” occurrences, and it is true that cyber ransoms are included in this category. Caesars Entertainment is anticipated to submit an Item 1.05 Form 8-K in the near future, which is the standard method for making these disclosures. Caesars’ most recent filing, according to the most recent data accessible on the SEC website, was made on August 25. The nature of the cyberattack and its possible repercussions, however, were unknown to many investors and stakeholders as a result of the statements that were requested going unanswered.

Growing Ransomware Threats Raise Concerns

Regretfully, ransomware attacks are becoming more frequent and impact a variety of institutions, including government agencies and global enterprises. Gateway Casinos in Canada were hacked earlier this year and saw their casinos closed for 2 weeks. Although MGM has not formally acknowledged that it was the target of a ransomware attack, a number of cybersecurity professionals have noted that the company’s cyberattack bears many of the characteristics of one.

Notably, it is not thought that Scattered Spider is responsible for the MGM hack. Rather, media sources suggest that the MGM hack happened when an attacker assumed the identity of an existing employee, using this trick to get technological credentials from the company’s IT division.

By contrast, it is reported that Scattered Spider’s assault on Caesars Entertainment was started by a third-party vendor who had a relationship with the gaming corporation. Bloomberg reports that Scattered Spider obtained access to Caesars’ network via breaching this third-party provider; the intrusion is thought to have started on August 27. With sizable portfolios of regional casinos dispersed across the US, MGM and Caesars Entertainment are the two biggest operators on the Las Vegas Strip.

Cybersecurity Breaches Pose Financial Risks for MGM and Caesars

Although neither Caesars Entertainment nor MGM has formally disclosed the financial consequences of the ransomware incident they both experienced, there are worries that both businesses may have a negative impact on their investors.

In a message to its clients, Moody’s Investors Service described the MGM hack as a “credit negative” occurrence. The credit rating agency did not downgrade its rating of the massive casino operator, but it did highlight the dangers made apparent by the attack, especially the excessive reliance on technology and the operational disruption that results when vital systems fail or become unusable. Moody’s kept its “B1” rating on MGM’s debt in place but declined to comment on Caesars Entertainment.

Moody’s added that MGM faces additional risks, such as reputational damage, potential revenue losses during system outages, and any direct costs associated with investigation and remediation. The business may also be at risk from litigation costs or liabilities resulting from compromised data, if any.

Author: Eugene Gray