LAS VEGAS (KTNV) — Wednesday marked four days that MGM Resorts has been trying to clear up the mess caused by a cybersecurity issue.
It has led to headaches for company officials and guests alike.
“It was kind of chaotic,” said visitor Walter Haywood. “The machines wouldn’t take our ticket. Lines everywhere. Just chaos”
MGM Resorts updated their home page, which now states if anyone has hotel reservations arriving between Sept. 13 and Sept. 17, 2023, resort officials are waiving change and cancellation fees.
I spoke to Nate Fudala, a former Las Vegas Metropolitan Police Department senior intelligence analyst with the Southern Nevada Counter Terrorism Center. The group is comprised of several agencies that monitor activities on the Strip.
“We don’t know exactly how this happened yet,” Fudala said. “Social engineering is something most companies don’t know how to handle it because they don’t know what to look for or what alerts to pay attention to the red flags.”
On Wednesday, ‘VX-Underground’, a group focused on research and preservation with the largest collection of malware code, posted to X that the ransomware group ‘ALPHV’, also known as Black Cat, is behind the MGM cyber attack.
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.
A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
— vx-underground (@vxunderground) September 13, 2023
“They posted they took over $33 billion. That’s a lot of money,” Fudala said. “I’m not going after the small fish. I’m going after the head of the dragon and if we take out a casino, that’s a lot of money involved.”
MGM Resorts officials haven’t confirmed how the breach happened. However, the group states they found an employee on LinkedIn, then called the help desk, and in a 10-minute phone call, they were able to hack into the system.
Fudala said cyber attacks are getting more sophisticated.
“It’s about creating a safety net. The more systems we have in place, the more of a netting that you have,” Fudala said. “Obviously, MGM has that netting in place, as do a lot of the casinos I worked with. It’s trying to figure out who they’re doing it to, when they’re doing it, and how to prevent it.”
With technological advances in artificial intelligence, Fudala said our future may look more like a battle between malware and the systems that try to protect against it.
“It’s going to get to a point where we have to have a two-factor identification to verify that person is who they say they are,” Fudala said. “The biggest threat to any network is the user. It’s you and me. It’s not the system itself. It’s the people using it. The biggest thing is there is no 100% way to secure a network. It’s impossible.”
Meantime, operations at some MGM properties have somewhat returned to normal, with the exception of longer lines at the front desk and a few machines still down. Guests like Haywood said the experience wasn’t a complete nightmare.
“It depends on what they off us,” Haywood said. “If we get some good offers, we’ll come back.”
According to Bloomberg.com, the same group was behind a recent cyber attack against Caesars Entertainment.
The Nevada Gaming Control Board states they are monitoring the situation and released the following statement:
Governor Lombardo and the Nevada Gaming Control Board are monitoring the cybersecurity incident with MGM Resorts and are in communication with company executives. Additionally, the NGCB remains in communication with other law enforcement agencies.
— Nevada Gaming Control Board (@NevadaGCB) September 14, 2023
We’ve also reached out to MGM for comment but haven’t heard back.