
Casino Hack Has Potential Lessons for Other Companies

In early September, the news about a hack hitting the MGM and Caesars casino and hospitality chains dominated the industry headlines for several days. It appears that known threat actors carried out the attacks, and the attacks significantly impaired operations for several days. It has also been reported that MGM paid a multimillion-dollar ransom to try to unlock its network and resume operations.  

Why It Matters

These attacks provide valuable lessons to large and small companies alike: 

First: no one is impervious to attack.  The best defense is multi-layered and includes a way to restore operations/data from backup and continuity resources.

Second: the FBI encourages victim businesses to work with law enforcement when they are attacked. The reality, however, is that not all attacks are large enough to secure resources from law enforcement, which is even more reason to have a self-help solution planned well in advance.

Third: the FBI discourages paying ransoms, as it publicly said in this incident. Why? Several reasons: paying can make you a potentially lucrative future "mark," and, increasingly, hackers collect a ransom and don't release the data back to the company. They may destroy it, or they may demand a higher ransom to prevent its publication on the dark web or other media.

Fourth: the hack itself isn't always the end point. Regarding the particular groups suspected of involvement in the MGM/Caesars attacks, the attached article makes the point that the bad guys “heavily rel[y] on email and SMS phishing attacks and have also been observed attempting to phish other users within an organization once they’ve gained access to employee databases.” That is, after hanging around in your environment for a while, threat actors may attempt additional attacks using details they find about your employees, to see if that can lead them to additional victim companies.

The upshot?  Keeping threat actors out is better than trying to get them out once they get in; but at the same time, protecting your business relies on both keeping them out and having a plan for what to do if they get in.  

After a set of conflicting statements earlier in the day, in which Neuberger at first said that MGM had turned down assistance from the federal government, it emerged that MGM had begun working with the FBI. “We are working in close coordination across the U.S. government in response to the recent ransomware attack against MGM,” she said late Friday, adding that “this incident underscores our strong recommendation that companies do not pay ransoms.”
